EasyManuals Logo

Cisco 5510 - ASA SSL / IPsec VPN Edition Configuration Guide

Cisco 5510 - ASA SSL / IPsec VPN Edition
1822 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1097 background imageLoading...
Page #1097 background image
51-3
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 51 Configuring Threat Detection
Configuring Basic Threat Detection Statistics
Types of Traffic Monitored
Only through-the-box traffic is monitored; to-the-box traffic is not included in threat detection.
Default Settings
Basic threat detection statistics are enabled by default.
Table 51-1 lists the default settings. You can view all these default settings using the show
running-config all threat-detection command in Tools > Command Line Interface.
Table 51-1 Basic Threat Detection Default Settings
Packet Drop Reason
Trigger Settings
Average Rate Burst Rate
• DoS attack detected
• Bad packet format
• Connection limits exceeded
• Suspicious ICMP packets
detected
100 drops/sec over the last 600
seconds.
400 drops/sec over the last 10
second period.
80 drops/sec over the last 3600
seconds.
320 drops/sec over the last 60
second period.
Scanning attack detected 5 drops/sec over the last 600
seconds.
10 drops/sec over the last 10
second period.
4 drops/sec over the last 3600
seconds.
8 drops/sec over the last 60
second period.
Incomplete session detected such as
TCP SYN attack detected or no data
UDP session attack detected
(combined)
100 drops/sec over the last 600
seconds.
200 drops/sec over the last 10
second period.
80 drops/sec over the last 3600
seconds.
160 drops/sec over the last 60
second period.
Denial by access lists 400 drops/sec over the last 600
seconds.
800 drops/sec over the last 10
second period.
320 drops/sec over the last
3600 seconds.
640 drops/sec over the last 60
second period.
• Basic firewall checks failed
• Packets failed application
inspection
400 drops/sec over the last 600
seconds.
1600 drops/sec over the last 10
second period.
320 drops/sec over the last
3600 seconds.
1280 drops/sec over the last 60
second period.
Interface overload 2000 drops/sec over the last
600 seconds.
8000 drops/sec over the last 10
second period.
1600 drops/sec over the last
3600 seconds.
6400 drops/sec over the last 60
second period.

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Cli Configuration Guide
Cli Configuration Guide2164 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals