Hello everyone! I have a Juniper SRX firewall and in recent times I did had issues because one or other user doing an attack outside. Usually it is compromised client machines which create a lot of firewall sessions in outside direction. I was thinking of two specific things as fix for this: 1. Can I somehow put a cap per security policy so that all available sessions aren't chewed by clients? 2. We have very few clients who actually use firewall in outbound, rest all in inbound. This I wish to skip firewall in outbound but in my test I found it behaves strange. I tried with machine having inbound traffic via firewall. They ping and port 80 also worked but SSH just hung up as soon as I started. I see SRX can be used in unidirectional setup but somehow it fails in my case. Any suggestions/advice/ sample configs? Thanks in advance! -- Anurag Bhatia anuragbhatia.com Linkedin <http://in.linkedin.com/in/anuragbhatia21> | Twitter <https://twitter.com/anurag_bhatia> Skype: anuragbhatia.com PGP Key Fingerprint: 3115 677D 2E94 B696 651B 870C C06D D524 245E 58E2