Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
411
Views
0
Helpful
2
Replies

Any acceptable default value for firewall?

oem7110cisco
Level 1
Level 1

‎09-23-2012 06:21 AM - edited ‎03-07-2019 09:02 AM

Referring to following link,  it provides a list of default value for firewall setting,

I would like to know how to determine any appropriated DoS parameters adjusted to your network's normal behavior, and prevent any DoS protection mechanism, causing application failures, poor network performance, and high CPU utilization on the Cisco IOS Firewall router.

Will those default value be the most acceptable levels on balancing between network's normal behavior and DoS protection?

Does anyone have any suggestions?

Thanks in advance for any suggestions

ip inspect max-incomplete high value (default 500)

ip inspect max-incomplete low value (default 400)

ip inspect one-minute high value (default 500)

ip inspect one-minute low value (default 400)

ip inspect tcp max-incomplete host value (default 50) [block-time minutes (default 0)]

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/prod_white_paper0900aecd804e5098.html

Labels:
0 Helpful
2 Replies 2

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎09-23-2012 08:55 AM

Hello Oem,

if you haven't already done you should post your thread under security / firewall forum section

Hope to help

Giuseppe

0 Helpful

singhaam007
Level 3
Level 3

‎09-23-2012 02:52 PM

Hi Oem,

Defines the number of half-open (incomplete) sessions that will cause the router to start deleting half-complete sessions (the high value) and stop deleting half-complete sessions (the low value). The

no version restores the default value

Defines the connection establishment rate at which the router starts deleting half-complete sessions (the high value) and stops deleting half-complete sessions (the low value). The no version restores the default value.

Defines the number of half-open (incomplete) sessions that will cause the router to start deleting half-complete sessions (the high value) and stop deleting half-complete sessions (the low value). The no version restores the default value

http://www.juniper.net/techpubs/software/erx/junose700/swcmdref-a-m/html/i-commands127.html

http://www.juniper.net/techpubs/software/erx/junose700/swcmdref-a-m/html/i-commands125.html

hope this helps.

please rate if this helps

thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card