EasyManuals Logo
Home>Cisco>Firewall>5510 - ASA SSL / IPsec VPN Edition

Cisco 5510 - ASA SSL / IPsec VPN Edition User Manual

Cisco 5510 - ASA SSL / IPsec VPN Edition
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1432 background imageLoading...
Page #1432 background image
1-4
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Threat Detection
Configuring Basic Threat Detection Statistics
Configuring Basic Threat Detection Statistics
This section describes how to configure basic threat detection statistics, including enabling or disabling
it and changing the default limits.
Detailed Steps
Denial by access lists 400 drops/sec over the last 600
seconds.
800 drops/sec over the last 20
second period.
320 drops/sec over the last
3600 seconds.
640 drops/sec over the last 120
second period.
Basic firewall checks failed
Packets failed application
inspection
400 drops/sec over the last 600
seconds.
1600 drops/sec over the last 20
second period.
320 drops/sec over the last
3600 seconds.
1280 drops/sec over the last 120
second period.
Interface overload 2000 drops/sec over the last
600 seconds.
8000 drops/sec over the last 20
second period.
1600 drops/sec over the last
3600 seconds.
6400 drops/sec over the last 120
second period.
Table 1-1 Basic Threat Detection Default Settings (continued)
Packet Drop Reason
Trigger Settings
Average Rate Burst Rate
Command Purpose
Step 1
threat-detection basic-threat
Example:
hostname(config)# threat-detection
basic-threat
Enables basic threat detection statistics (if you previously
disabled it). Basic threat detection is enabled by default.
Step 2
threat-detection rate {acl-drop |
bad-packet-drop | conn-limit-drop |
dos-drop | fw-drop | icmp-drop |
inspect-drop | interface-drop |
scanning-threat | syn-attack}
rate-interval rate_interval average-rate
av_rate burst-rate burst_rate
Example:
hostname(config)# threat-detection rate
dos-drop rate-interval 600 average-rate 60
burst-rate 100
(Optional) Changes the default settings for one or more type of
event.
For a description of each event type, see the “Information About
Basic Threat Detection Statistics” section on page 1-2.
When you use this command with the scanning-threat keyword,
it is also used in the scanning threat detection feature (see the
“Configuring Scanning Threat Detection” section). If you do not
configure basic threat detection, you can still use this command
with the scanning-threat keyword to configure the rate limits for
scanning threat detection.
You can configure up to three different rate intervals for each
event type.

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Configuration Guide
Configuration Guide1822 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals