Analyze Firewall connections w.r.t Orion Network analyzer

CyberSecLead · ‎07-23-2012

Dear All,

I need to consider limiting my Firewall connections from outside network.

On a average i am receiving 4000 connections / second (witnessed almost a month on daily basis)

hostname# sh conn count

3559 in use, 6657 most used

So what will be the preferred value to be configured by the MQC in firewall.

hostname(config)# class-map CONNS

hostname(config-cmap)# match any

hostname(config-cmap)# policy-map CONNS

hostname(config-pmap)# class CONNS

hostname(config-pmap-c)# set connection conn-max 4000 embryonic-conn-max 12000

hostname(config-pmap-c)# set connection timeout tcp 2:0:0 embryonic 0:40:0 half-closed 0:20:0 dcd

hostname(config-pmap-c)# service-policy CONNS interface outside

Also, i have established Orion Solarwinds Network performance monitor (version 10.3) to verify the number of connections.

My query's are follows..

++ Can i restrict the above values as defined in MQC.

++ Can anyone help me how to locate the similar connections in Orion monitor.

Best Regards / Vimal.

Amjad Abdullah · ‎07-23-2012

Hi Vimal,

I think you better move the post to security forums. This sub-forum is about security and management under wireless.

I think you meant to put the post in security forums not in wireless forums.

Regards,

Amjad

Rating useful replies is more useful than saying "Thank you"

CyberSecLead · ‎07-23-2012

Thanks for the info Amjad.

I have moved to the respective forum: Security ---> Security Management

Regards/ Vimal.

Amjad Abdullah · ‎07-23-2012

Thanks Vmal. +5 for your efforts

Rating useful replies is more useful than saying "Thank you"