51-7
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 51 Configuring Threat Detection
Configuring Advanced Threat Detection Statistics
Monitoring Advanced Threat Detection Statistics
To monitor advanced threat detection statistics, perform one of the following tasks:
Path Purpose
Home > Firewall Dashboard > Top 10 Access
Rules
Home > Firewall Dashboard > Top Usage
Statistics
Displays the top 10 statistics.
For the Top 10 Access Rules, permitted and denied traffic are not
differentiated in this display. In the Traffic Overview > Dropped Packets
Rate graph, you can track access list denies.
The Top 10 Sources and Top 10 Destinations tabs show statistics for hosts.
The Top 10 Services tab shows statistics for both ports and protocols (both
must be enabled for the display), and shows the combined statistics of
TCP/UDP port and IP protocol types. TCP (protocol 6) and UDP
(protocol 17) are not included in the display for IP protocols; TCP and
UDP ports are, however, included in the display for ports. If you only
enable statistics for one of these types, port or protocol, then you will only
view the enabled statistics.
The Top Ten Protected Servers under SYN Attack area shows the TCP
Intercept statistics. The display includes the top 10 protected servers
under attack. The detail button shows history sampling data. The adaptive
security appliance samples the number of attacks 30 times during the rate
interval, so for the default 30 minute period, statistics are collected every
60 seconds.
From the Interval drop-down list, choose Last 1 hour, Last 8 hour, or
Last 24 hour.
To Next Page
Loading...
Need help?
General
