SYN flood protection(200) is the default setting to block the traffic if a particular source is sending more than 200 SYN-FLood packets per second. But this setting could be uneffective if the source is sending under 200 SYN-FLood packets per second and firewall will not able to block the traffic. For this kind of condition , you can set the setting for source and destination based limitation for e.g:
"set zone trust screen limit-session source-ip-based 80"
"set zone trust screen limit-session dstination-ip-based 80"
This will only allow to create only not 80 session based on source and destination IP address.
Please go to the following link on page 30 : http://www.juniper.net/techpubs/software/screenos/screenos6.1.0/ce_v4.pdf for more setail
Also check the Flood that the first packet is SYN packet or non SYN packet , Firewall will not create a session if the first packet is NON-SYN packet with this command is enable "set flow tcp-syn-check".
If the incoming packets is not matching the existing session and session matching is based on IP add of source-destination and Ports of source and destination then Firewall has to create a new session for the incoming packets. So 4000pps will be 4000session/second.
I doubt NS200 would be able to support 11500 syn packet/sec ( session/sec). But it can support the 11500packet /sec if it is matching the existing session.
Thanks
Atif