TMS zl Management and Configuration Guide ST.1.2.100916

Figure 1-20. Inbound Connection Reservation Implication
If the current connection count from Zone1 is 10,100 (100 of which are to
10.1.2.22), and if 100 non-reserved connections in Zone1 are closed, then
the Zone1 limit will revert to its original limit of 10,000. At this point the
Zone1 maximum connections (10,000) includes the reserved connections.
Any other new connections from Zone1 to any zone will not be successful.
However, if the connection limits for other zones have not been reached,
new connections can be made to and from those zones.
In these examples the reservation is made across zones, but you can also make
reservations within a zone. For example, if you have workstations and servers
in the Internal zone, you can configure an inbound connection reservation to
the server IP address from the Internal zone.
Firewall Attack Checks
Firewall policies control which users and devices can access which resources.
The TMS zl Module firewall also applies general checks for various DoS
attacks.
Some of the firewall checks are customizable and can be enabled or disabled
separately. Other checks cannot be disabled. For one of the checks, you can
also configure settings. See “Attack Checking” in Chapter 4: “Firewall” for
more information. Table 1-7 summarizes the module's capabilities.