1.
2.
Table 29: SYN Protection Tuning Parameters The number of entries in the SYN Protection Table, which stores data regarding the delayed binding process. An entry in the table exists from the time the client completes the handshake until the handshake is complete.Values: 10 – 1,000,000 SYN Protection Requests Table The number of entries in SYN Protection Requests Table, which stores the ACK or data packet that the client sends, until the handshake with the server is complete and the packet is sent to the server.Values: 1 – 32,000
Note: The Request Table and the SYN Protection Table must be about the same size. The value for the SYN Protection Triggers Table should be much smaller. SYN Protection Triggers Table The number of entries in SYN Protection Triggers Table, which stores the active triggers — that is, the destination IPs/ports on which the devices identifies an ongoing attack.Values: 10 – 100,000 SYN Protection Policies Table The number of entries in the SYN Protection Policies Table, which stores policies that control the SYN protection behavior for different types of traffic. Values: 16 – 4096 The number of entries in the ACK Reflection IPs Table. The table stores the number of SYN packets per second for the sampled and monitored source IP addresses. Values: 10 – 100,000 SYN Protection Attack Detection Entries The maximum number of SYN Protection Attack Detection Entries. Values: 10 – 1,000,000