EasyManuals Logo

Cisco ASA 5555-X Configuration Guide

Cisco ASA 5555-X
428 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #418 background imageLoading...
Page #418 background image
18-4
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 18 Threat Detection
Defaults for Threat Detection
Defaults for Threat Detection
Basic threat detection statistics are enabled by default.
The following table lists the default settings. You can view all these default settings using the show
running-config all threat-detection command.
For advanced statistics, by default, statistics for ACLs are enabled.
Configure Threat Detection
Basic threat detection statistics are enabled by default, and might be the only threat detection service that
you need. Use the following procedure if you want to implement additional threat detection services.
Table 18-2 Basic Threat Detection Default Settings
Packet Drop Reason
Trigger Settings
Average Rate Burst Rate
• DoS attack detected
• Bad packet format
• Connection limits exceeded
• Suspicious ICMP packets
detected
100 drops/sec over the last 600
seconds.
400 drops/sec over the last 20
second period.
80 drops/sec over the last 3600
seconds.
320 drops/sec over the last 120
second period.
Scanning attack detected 5 drops/sec over the last 600
seconds.
10 drops/sec over the last 20
second period.
4 drops/sec over the last 3600
seconds.
8 drops/sec over the last 120
second period.
Incomplete session detected such as
TCP SYN attack detected or UDP
session with no return data attack
detected (combined)
100 drops/sec over the last 600
seconds.
200 drops/sec over the last 20
second period.
80 drops/sec over the last 3600
seconds.
160 drops/sec over the last 120
second period.
Denial by ACLs 400 drops/sec over the last 600
seconds.
800 drops/sec over the last 20
second period.
320 drops/sec over the last
3600 seconds.
640 drops/sec over the last 120
second period.
• Basic firewall checks failed
• Packets failed application
inspection
400 drops/sec over the last 600
seconds.
1600 drops/sec over the last 20
second period.
320 drops/sec over the last
3600 seconds.
1280 drops/sec over the last 120
second period.
Interface overload 2000 drops/sec over the last
600 seconds.
8000 drops/sec over the last 20
second period.
1600 drops/sec over the last
3600 seconds.
6400 drops/sec over the last 120
second period.

Table of Contents

Other manuals for Cisco ASA 5555-X

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5555-X and is the answer not in the manual?

Cisco ASA 5555-X Specifications

General IconGeneral
Firewall Throughput4 Gbps
Maximum Concurrent Sessions1, 000, 000
Security Contexts50
VPN Throughput1.2 Gbps
RAM8 GB
Storage120 GB SSD
Power SupplyDual, Hot-swappable
Form Factor1RU
Interfaces8 x 1 Gigabit Ethernet

Related product manuals