We have a Sonicwall TZ180 running at our primary site. The site is our "primary" site because it hosts our e-mail. We have a Barracuda Spam 300 scanning all incoming mail. All users outside of this office (we have two other offices) access e-mail via RPC over HTTP. I am the only one with remote access ability. Recently, I've noticed that sometimes, the users can get out, but I cannot get in. That is, everyone within this office can access the Exchange server, network files, and the Internet without a hitch, but at our other two sites, users cannot access their e-mail and I cannot remote in. I had one of my trusted users log in to the Sonicwall today and she said it was showing 370 connections. After resetting the device, all was well. I'm assuming these are incoming connections? If so, what's a "good" number and what's a "bad" number? Are these attacks from the outside? Is there anything I can do to circumvent this problem?