|Max. number of pending requests||Maximum number of requests without responses in a single EtherNet/IP session. This value has to be between 1 and 512 (default value: 10).|
|Maximum request duration (seconds)||This value is the period after which EtherNet/IP requests without responses will be deleted. This value has to be between 1 and 3600 seconds (default value: 10).|
|Maximum message size (bytes)||This value makes it possible to restrict the size allowed for an EtherNet/IP message. It has to be between 24 and 65535 (default value: 65535).|
EtherNet/IP command management
This list sets out the public EtherNet/IP functions allowed by default on the firewall. The action (Analyze / Block) applied to each command can be modified by clicking in the Action column. The Modify all commands button allows modifying the action (Analyze / Block) applied to all commands.
Other commands allowed
This list makes it possible to allow additional EtherNet/IP commands blocked by default on the firewall. It is possible to Add or Delete elements to or from this list by clicking on the relevant buttons.
|Disable intrusion prevention||When this option is selected, the scan of the EtherNet/IP protocol will be disabled and traffic will be authorized if the filter policy allows it.|
|Log every EtherNet/IP query||Enables or disables the logging of EtherNet/IP requests.|
|Automatically detect and inspect the protocol||If this protocol has been enabled, it will automatically be used for discovering corresponding packets in filter rules.|