TMS zl Management and Configuration Guide ST.1.0.090213
Overview
Firewall
■ When the number of connections from Zone1 reaches 10,000, the module
will set aside 100 connections from the other zones' connection limits,
provided that enough connections are available in the other zones. For
example, if there are 1,500 total connections left for all three of the other
zones, 100 of these will be set aside. Then only 1,400 total connections are
available for the other zones.
Figure 1-16. Inbound Connection Reservation Implication
■ If the current connection count from Zone1 is 10,100 (100 of which are to
10.1.2.22), and if 100 non-reserved connections in Zone1 are closed, then
the Zone1 limit will revert to its original limit of 10,000. At this point the
Zone1 maximum connections (10,000) includes the reserved connections.
Any other new connections from Zone1 to any zone will not be successful.
However, if the connection limits for other zones have not been reached,
new connections can be made to and from those zones.
In these examples the reservation is made across zones, but you can also make
reservations within a zone. For example, if you have workstations and servers
in the Internal zone, you can configure an inbound connection reservation to
the server IP address from the Internal zone.
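The accounting in the two bulleted cases above can be replayed with a small model. This is an added example, not code from the TMS zl Module or from this guide. It assumes that the other zones' unused connections are tracked as one pooled number, that only traffic to the reserved address may use the set-aside connections, and that the limit reverts as soon as the zone count drops back to its configured limit; the names `ZoneReservation` and `replay_page_example` are hypothetical.

```python
class ZoneReservation:
    def __init__(self, zone_limit, reserved, others_free):
        self.base_limit = zone_limit    # configured zone limit
        self.reserved = reserved        # size of the reservation
        self.others_free = others_free  # unused connections in the other zones
        self.borrowed = 0               # currently set aside from other zones
        self.conns = {False: 0, True: 0}  # open connections; True = to reserved IP

    @property
    def count(self):
        return self.conns[False] + self.conns[True]

    @property
    def limit(self):
        return self.base_limit + self.borrowed

    def open(self, to_reserved_ip=False):
        # Assumption: only reserved traffic may use the set-aside connections.
        cap = self.limit if to_reserved_ip else self.base_limit
        if self.count >= cap:
            return False
        self.conns[to_reserved_ip] += 1
        # Zone just reached its limit: set aside the reservation if possible.
        if (self.count == self.base_limit and not self.borrowed
                and self.others_free >= self.reserved):
            self.others_free -= self.reserved
            self.borrowed = self.reserved
        return True

    def close(self, to_reserved_ip=False):
        self.conns[to_reserved_ip] -= 1
        # Back at the configured limit: return the set-aside connections.
        if self.borrowed and self.count <= self.base_limit:
            self.others_free += self.borrowed
            self.borrowed = 0


def replay_page_example():
    z = ZoneReservation(zone_limit=10_000, reserved=100, others_free=1_500)
    for _ in range(10_000):
        z.open()
    set_aside = (z.limit, z.others_free)
    for _ in range(100):
        z.open(to_reserved_ip=True)
    peak = z.count
    for _ in range(100):
        z.close()
    refused = not z.open() and not z.open(to_reserved_ip=True)
    return set_aside, peak, (z.limit, z.count, z.conns[True]), refused
```

With the figures from the text, the model shows the other zones dropping from 1,500 to 1,400 available connections while the reservation is active, and Zone1 refusing all new connections once its limit has reverted to 10,000 with the 100 reserved connections still open.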
Firewall Attack Checks
Firewall policies control which users and devices can access which resources.
The TMS zl Module firewall also applies general checks for various DoS
attacks.