|Max no. of pending requests||Maximum number of requests without responses in a single EtherNet/IP session. This value has to be between 1 and 512 seconds (default value: 10).|
|Maximum request duration (in seconds)||This value is the period after which EtherNet/IP requests without responses will be deleted. This value has to be between 1 and 3600 seconds (default value: 10).|
|Maximum message size (bytes)||This value makes it possible to restrict the size allowed for an EtherNet/IP message. It has to be between 24 and 65535 (default value: 65535).|
Public commands tab
This list sets out the public EtherNet/IP functions allowed by default on the firewall. The action (Allow/Block) applied to each command can be modified by clicking in the Action column. The Modify all commands button makes it possible to change the action (Allow/Block) applied to all commands.
Other commands allowed tab
This list makes it possible to allow additional EtherNet/IP commands blocked by default on the firewall. It is possible to Add or Delete elements to or from this list by clicking on the relevant buttons.
|Disable intrusion prevention||When this option is selected, the scan of the EtherNet/IP protocol will be disabled and traffic will be authorized if the filter policy allows it.|
|Log each request||Enables or disables the logging of EtherNet/IP requests.|
|Automatically detect and inspect the protocol||If this protocol is enabled, the inspection function will automatically apply to discover corresponding traffic that filter rules allow.|