Cisco Systems ASA 5580 Manual De Usuario

The following example configures basic threat detection statistics, and changes the DoS attack rate 
settings. All advanced threat detection statistics are enabled, with the host statistics number of rate 
intervals lowered to 2. The TCP Intercept rate interval is also customized. Scanning threat detection is 
enabled with automatic shunning for all addresses except 10.1.1.0/24. The scanning threat rate intervals 
are customized.

threat-detection basic-threat

threat-detection rate dos-drop rate-interval 600 average-rate 60 burst-rate 100

threat-detection statistics

threat-detection statistics host number-of-rate 2

threat-detection statistics tcp-intercept rate-interval 60 burst-rate 800 average-rate 600

threat-detection scanning-threat shun except ip-address 10.1.1.0 255.255.255.0

threat-detection rate scanning-threat rate-interval 1200 average-rate 10 burst-rate 20

threat-detection rate scanning-threat rate-interval 2400 average-rate 10 burst-rate 20

Burst rate interval changed to 1/30th of the 
average rate.

8.2(1)

In earlier releases, the burst rate interval was 1/60th of the 
average rate. To maximize memory usage, the sampling 
interval was reduced to 30 times during the average rate.

Improved memory usage

8.3(1)

The memory usage for threat detection was improved.