Define UDP and TCP connection timeouts per firewall rule
My idea: when I can define the UDP and TCP timeouts per firewall policy, I only have a higher risk on this connection. The general traffic has the "normal, general" UDP timeout.
Now we can only define the UDP timeout generally in the console under Advanced-Firewall Settings. When we use VoIP phones and the reregister value is set to 600 seconds, I have to define the general UDP timeout >600. This is a big security risk.
This functionality is crucial for environments where you need to fine-tune firewall policies based on traffic or applications. Having an option to globally raise TCP and UDP timeouts is inappropriate.
Jordan Ham commented
This would be a wonderful addition for hosted phone systems, as the bindings need to stay alive, but to increase the UDP timeout it has to be done system-wide at the moment. It would be a great feature to be able to do it per rule.
We need to specify different timeouts or different concurrent sessions per Security Policy.