Cisco Cisco ASA 5580 Adaptive Security Appliance Technical Manual
14
XML Examples for the Cisco Application Centric Infrastructure Security Device Package, Version 1.2(3)
Scanning Threat Detection
</vnsDevFolder>
</vnsLDevVip>
</fvTenant>
</polUni>
Scanning Threat Detection
This XML example sets up the scanning threat detection rate.
ASA Configuration
threat-detection rate scanning-threat rate-interval 600 average-rate 100 burst-rate 40
threat-detection scanning-threat shun
XML Example
<polUni>
<fvTenant name="tenant1">
<vnsLDevVip name="Firewall">
<vnsDevFolder key="ScanningThreatDetection" name="ScanTD1">
<vnsDevParam key="scanning_threat" name="Scan1" value="enable"/>
<vnsDevParam key="shun_status" name="Shun1" value="enable"/>
<vnsDevFolder key="ScanningThreatRate" name="ScanTDrate">
<vnsDevParam key="average_rate" name="ar1" value="100"/>
<vnsDevParam key="rate_interval" name="ri1" value="600"/>
<vnsDevParam key="burst_rate" name="br1" value="40"/>
</vnsDevFolder>
<vnsDevFolder key="ScanningThreatRate" name="ScanTDrate2">
<vnsDevParam key="average_rate" name="ar2" value="10"/>
<vnsDevParam key="rate_interval" name="ri2" value="660"/>
<vnsDevParam key="burst_rate" name="br2" value="20"/>
</vnsDevFolder>
</vnsDevFolder>
</vnsLDevVip>
</fvTenant>
</polUni>
Advanced Threat Detection
This XML example sets up advanced threat detection statistics.
ASA Configuration
threat-detection statistics host
threat-detection statistics port number-of-rate 2
threat-detection statistics protocol number-of-rate 3
threat-detection statistics tcp-intercept rate-interval 50 burst-rate 200 average-rate 100