Previous Next

Device Management > Device Tuning > Tuning Security Parameters > Tuning Application Security Parameters
Tuning Application Security Parameters
The Application Security Tables store information about sessions passing through the device and their sizes, which are correlated to the actual amount of sessions.
The changes to the tuning configuration take effect after a device reset.
* To configure the Application Security Tuning parameters
1.
Select Services > Tuning > Security > Application Security. The Application Security Tuning Parameters pane is displayed.
2.
In the relevant After Reset fields, configure the parameters; and then, click Set.
Table 30: Application Security Tuning Parameters
Parameter
Description
Maximal number of groups to be defined by user
The maximum number of groups defined in the User Groups table. The Groups Table lists the number of entries of attack groups defined by the user.1
Values: 1 – 300
Default: 50
Maximal number of attacks to be defined by user
The maximum number of attack entries in the User Attacks Database Table. The Attacks Database Table contains attacks provided by Radware as well as user-defined attacks.i
Values: 1 – 2000
Default: 100
Maximal number of srcIPs in Suspend Table
This Suspend Table allows the user to define that for certain attacks, in addition to the action defined in the attack, the device should also suspend traffic from the IP address that was the source of the attack, for a period of time.i
The maximum amount of source lP addresses in the Suspend Table. All traffic from the IP address identified as source of this attack will be suspended.
Values: 1000 – 100,000
Default: 10,000
Counters Source Table
The number of sessions to check the source address. i
Values: 100 – 100,000
Default: 16,384
Counters Target Table
Then number of sessions to check the target address.i
Values: 100 – 64,000
Default: 16,384
Counters Source & Target Table
The Source & Target Table contains an attack detection mechanism, which is based on the source and destination addresses of the incoming traffic. Each entry of this table contains source and destination addresses. If the number of packets sent from the same source to the same destination is above the predefined limit, this is identified as an attack. The Source & Target Table tuning parameter defines in how many sessions to check the source.i 
Values: 100 – 64,000
Default: 16,384
Counters DHCP Table
The number of entries in the Counters DHCP Table that contains attacks detection mechanism based on counting of IP requests for each MAC address. The requests are made using the Dynamic Host Configuration Protocol. When the number of IP requests for a particular MAC address is above the predefined limit, an attack is identified.i 
The DHCP Discover tuning parameter determines for how many MAC addresses to check the number of IP requests.
Values: 100 – 64,000
Default: 16,384
Maximal number of entries in NCPF table
The maximal number of entries in NCPF table.i  
Values: 16 – 16,000
Default: 2000
Maximal number of Anti-Scanning IP pairs Table
The Anti-Scanning IP pairs table is an internal table which is not configured by the user.i
Values: 10,000 – 1,000,000
Default: 10,000
1
This parameter is exposed only if the device has an IPS license.