Merge pull request #222889 from vhorne/fw-idle-timeout

prmerger-automator[bot] · web-flow · commit 52cfb6afc7c4 · 2023-01-04T16:24:23.000Z
update statement for Idle Timeout
diff --git a/articles/firewall/firewall-faq.yml b/articles/firewall/firewall-faq.yml
@@ -6,7 +6,7 @@ metadata:
   author: vhorne
   ms.service: firewall
   ms.topic: conceptual
-  ms.date: 11/29/2022
+  ms.date: 01/04/2023
   ms.author: victorh
 
 title: Azure Firewall FAQ
@@ -231,7 +231,7 @@ sections:
 
       - question: How does Azure Firewall handle idle timeouts?
         answer: |
-         When a connection has an idle timeout (four minutes of no activity), Azure Firewall gracefully terminates the connection by sending a TCP RST packet.
+         When a connection has an Idle Timeout (four minutes of no activity), Azure Firewall gracefully terminates the connection by sending a TCP RST packet.
 
       - question: How does Azure Firewall handle VM instance shutdowns during Virtual Machine Scale Set scale in (scale down) or fleet software upgrades?
         answer: |
@@ -278,7 +278,7 @@ sections:
 
       - question: What is the TCP Idle Timeout for Azure Firewall?
         answer: |
-          A standard behavior of a network firewall is to ensure TCP connections are kept alive and to promptly close them if there's no activity. Azure Firewall TCP Idle Timeout is four minutes. This setting isn't user configurable, but you can contact Azure Support to increase the idle timeout up to 30 minutes.
+          A standard behavior of a network firewall is to ensure TCP connections are kept alive and to promptly close them if there's no activity. Azure Firewall TCP Idle Timeout is four minutes. This setting isn't user configurable, but you can contact Azure Support to increase the Idle Timeout for inbound connections up to 30 minutes. Idle Timeout for outbound or east-west traffic cannot be changed.
 
           If a period of inactivity is longer than the timeout value, there's no guarantee that the TCP or HTTP session is maintained. A common practice is to use a TCP keep-alive. This practice keeps the connection active for a longer period. For more information, see the [.NET examples](/dotnet/api/system.net.servicepoint.settcpkeepalive).
 
diff --git a/articles/firewall/long-running-sessions.md b/articles/firewall/long-running-sessions.md
@@ -5,7 +5,7 @@ services: firewall
 author: vhorne
 ms.service: firewall
 ms.topic: article
-ms.date: 10/03/2022
+ms.date: 01/04/2023
 ms.author: victorh 
 ---
 
@@ -31,7 +31,7 @@ The Azure Firewall engineering team updates the firewall on an as-needed basis (
 
 ### Idle timeout
 
-An idle timer is in place to recycle idle sessions. The default value is four minutes. Applications that maintain keepalives don't idle out. If the application needs more than 4 minutes (typical of IOT devices), you can contact support to extend the time to 30 minutes in the backend.
+An idle timer is in place to recycle idle sessions. The default value is four minutes. Applications that maintain keepalives don't idle out. If the application needs more than 4 minutes (typical of IOT devices), you can contact support to extent the time for inbound connections to 30 minutes in the backend. Idle timeout for outbound or east-west traffic cannot be changed.
 
 ### Auto-recovery
 
