Name: Cisco ASA 5555-X
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

18-4

Cisco ASA Series Firewall CLI Configuration Guide

Chapter 18 Threat Detection

Defaults for Threat Detection

Basic threat detection statistics are enabled by default.

The following table lists the default settings. You can view all these default settings using the show

running-config all threat-detection command.

For advanced statistics, by default, statistics for ACLs are enabled.

Configure Threat Detection

Basic threat detection statistics are enabled by default, and might be the only threat detection service that

you need. Use the following procedure if you want to implement additional threat detection services.

Table 18-2 Basic Threat Detection Default Settings

Packet Drop Reason

Trigger Settings

Average Rate Burst Rate

• DoS attack detected

• Bad packet format

• Connection limits exceeded

• Suspicious ICMP packets

detected

100 drops/sec over the last 600

seconds.

400 drops/sec over the last 20

second period.

80 drops/sec over the last 3600

seconds.

320 drops/sec over the last 120

second period.

Scanning attack detected 5 drops/sec over the last 600

seconds.

10 drops/sec over the last 20

second period.

4 drops/sec over the last 3600

seconds.

8 drops/sec over the last 120

second period.

Incomplete session detected such as

TCP SYN attack detected or UDP

session with no return data attack

detected (combined)

100 drops/sec over the last 600

seconds.

200 drops/sec over the last 20

second period.

80 drops/sec over the last 3600

seconds.

160 drops/sec over the last 120

second period.

Denial by ACLs 400 drops/sec over the last 600

seconds.

800 drops/sec over the last 20

second period.

320 drops/sec over the last

3600 seconds.

640 drops/sec over the last 120

second period.

• Basic firewall checks failed

• Packets failed application

inspection

400 drops/sec over the last 600

seconds.

1600 drops/sec over the last 20

second period.

320 drops/sec over the last

3600 seconds.

1280 drops/sec over the last 120

second period.

Interface overload 2000 drops/sec over the last

600 seconds.

8000 drops/sec over the last 20

second period.

1600 drops/sec over the last

3600 seconds.

6400 drops/sec over the last 120

second period.

Other manuals for Cisco ASA 5555-X

Quick Start Guide14 pages

Cli Configuration Guide2164 pages

Hardware Installation Guide74 pages

Software Guide37 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco ASA 5555-X and is the answer not in the manual?

Cisco ASA 5555-X Specifications

General

Firewall Throughput	4 Gbps
Maximum Concurrent Sessions	1, 000, 000
Security Contexts	50
VPN Throughput	1.2 Gbps
RAM	8 GB
Storage	120 GB SSD
Power Supply	Dual, Hot-swappable
Form Factor	1RU
Interfaces	8 x 1 Gigabit Ethernet

Related product manuals

Cisco ASA 5550 Series

5505 - ASA Firewall Edition Bundle

2 pages

Cisco ASA 5555-X Configuration Guide

Table of Contents

Other manuals for Cisco ASA 5555-X

Questions and Answers:

Cisco ASA 5555-X Specifications

Related product manuals