Engine Editor > Advanced Settings > SYN Rate Limits

Use this branch to change global SYN rate limits. SYN rate limits reduce the risk of SYN flood attacks.

Option Definition
SYN Rate Limits Limits for SYN packets sent to the Secure SD-WAN Engine.
  • None — SYN rate limits are disabled.
  • Automatic — The Secure SD-WAN Engine automatically calculates the Allowed SYNs per Second and Burst Size values for the interface based on the Secure SD-WAN Engine capacity and memory size.
  • Custom — Enter custom values for Allowed SYNs per Second and Burst Size.
Allowed SYNs per Second

(When SYN Rate Limits is Custom)

The number of allowed SYN packets per second.
Burst Size

(When SYN Rate Limits is Custom)

The number of allowed SYNs before the Secure SD-WAN Engine starts limiting the SYN rate.
CAUTION:
We recommend setting the Burst Size value to at least one tenth of the Allowed SYNs per Second value. If the burst size is too small, SYN rate limits do not work. For example, if the value for Allowed SYNs per Second is 10000, the Burst Size value must be at least 1000.