Configure Attack Guards on the PIX Security Appliance
Connection limits

Use the static command to limit the number of embryonic connections allowed to the server to protect internal hosts against DoS attacks. Use the em_limit argument to limit the number of embryonic or half-open connections that the server or servers to be protected can handle. A value of zero disables protection. When the embryonic connection limit value is exceeded, all connections are proxied.

Use the nat command to protect external hosts against DoS attacks and to limit the number of embryonic connections from the external host. Use the em_limit argument to limit the number of embryonic or half-open connections that the server or servers to be protected can handle.

Use the udp udp_max_conns field to set the maximum number of simultaneous UDP connections the local_ip hosts are each allowed to use. Idle connections are closed after the time that is specified by the timeout connection command.

In both the nat and static statements, the udp keyword makes the udp_max_conns field applicable even when the TCP max_conns limit is not set. This allows the two limits to be configured independently of each other.
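
The fragment below is an added example, not configuration from the original page. It shows how the limits described above might be written, assuming the PIX 7.x argument order in which the embryonic limit (em_limit) follows max_conns after the tcp keyword. All addresses, interface names and limit values are constructed for illustration.

```cisco
! Constructed example: 10.0.0.10 and 10.0.0.11 are inside servers,
! 192.0.2.10 and 192.0.2.11 are their mapped outside addresses.

! static: protect an internal server from inbound floods.
! tcp 500 100 -> at most 500 TCP connections, 100 of them embryonic.
! Once 100 half-open connections are exceeded, connections are proxied.
static (inside,outside) 192.0.2.10 10.0.0.10 netmask 255.255.255.255 tcp 500 100

! static with only a UDP limit: the udp keyword lets udp_max_conns be set
! without any TCP max_conns value.
static (inside,outside) 192.0.2.11 10.0.0.11 netmask 255.255.255.255 udp 200

! static with both limits on one statement (a third constructed host).
static (inside,outside) 192.0.2.12 10.0.0.12 netmask 255.255.255.255 tcp 500 100 udp 200

! nat: limit what each inside host can open toward external hosts.
! tcp 0 50 -> no cap on established TCP connections, 50 embryonic.
! udp 100  -> each local_ip host may hold 100 simultaneous UDP connections.
nat (inside) 1 10.0.0.0 255.255.255.0 tcp 0 50 udp 100
global (outside) 1 interface

! An em_limit of 0 disables embryonic protection entirely, so this
! statement leaves the server unprotected against half-open floods:
! static (inside,outside) 192.0.2.13 10.0.0.13 netmask 255.255.255.255 tcp 0 0
```

After applying the statements, show local-host 10.0.0.10 can be used to compare the host's current connection and embryonic counts against the configured limits.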