Cisco Systems ASA 5580 Manual De Usuario
27-7
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 27 Configuring Threat Detection
Configuring Advanced Threat Detection Statistics
Security Context Guidelines
Only TCP Intercept statistics are available in multiple mode.
Firewall Mode Guidelines
Supported in routed and transparent firewall mode.
Types of Traffic Monitored
Only through-the-box traffic is monitored; to-the-box traffic is not included in threat detection.
Default Settings
By default, statistics for ACLs are enabled.
Configuring Advanced Threat Detection Statistics
By default, statistics for ACLs are enabled. To enable other statistics, perform the following steps.
Detailed Steps
Command
Purpose
Step 1
threat-detection statistics
Example:
ciscoasa(config)# threat-detection statistics
(Optional) Enables all statistics.
To enable only certain statistics, enter this command
for each statistic type (shown in this table), and do
not also enter the command without any options.
You can enter threat-detection statistics (without
any options) and then customize certain statistics by
entering the command with statistics-specific
options (for example, threat-detection statistics
host number-of-rate 2). If you enter
threat-detection statistics (without any options)
and then enter a command for specific statistics, but
without any statistic-specific options, then that
command has no effect because it is already enabled.
for each statistic type (shown in this table), and do
not also enter the command without any options.
You can enter threat-detection statistics (without
any options) and then customize certain statistics by
entering the command with statistics-specific
options (for example, threat-detection statistics
host number-of-rate 2). If you enter
threat-detection statistics (without any options)
and then enter a command for specific statistics, but
without any statistic-specific options, then that
command has no effect because it is already enabled.
If you enter the no form of this command, it removes
all threat-detection statistics commands, including
the threat-detection statistics access-list
command, which is enabled by default.
all threat-detection statistics commands, including
the threat-detection statistics access-list
command, which is enabled by default.
Step 2
threat-detection statistics access-list
Example:
ciscoasa(config)# threat-detection statistics
access-list
(Optional) Enables statistics for ACLs (if they were
disabled previously). Statistics for ACLs are enabled
by default. ACL statistics are only displayed using
the show threat-detection top access-list
command. This command is enabled by default.
disabled previously). Statistics for ACLs are enabled
by default. ACL statistics are only displayed using
the show threat-detection top access-list
command. This command is enabled by default.