Cisco Systems ASA 5585-X User Manual

Cisco ASA Series Firewall CLI Configuration Guide
 
Chapter 27      Configuring Threat Detection
  Configuring Scanning Threat Detection
Guidelines and Limitations
This section includes the guidelines and limitations for this feature:
Security Context Guidelines
Supported in single mode only. Multiple mode is not supported.
Firewall Mode Guidelines
Supported in routed and transparent firewall mode.
Types of Traffic Monitored
Only through-the-box traffic is monitored; to-the-box traffic is not included in threat detection.
Traffic that is denied by an ACL does not trigger scanning threat detection; only traffic that is 
allowed through the ASA and that creates a flow is affected by scanning threat detection.
Default Settings
Table 27-5 lists the default rate limits for scanning threat detection.
The burst rate is calculated as the average rate every N seconds, where N is the burst rate interval. The 
burst rate interval is 1/30th of the rate interval or 10 seconds, whichever is larger.
Table 27-5  Default Rate Limits for Scanning Threat Detection

| Average Rate                            | Burst Rate                                    |
|-----------------------------------------|-----------------------------------------------|
| 5 drops/sec over the last 600 seconds.  | 10 drops/sec over the last 20 second period.  |
| 5 drops/sec over the last 3600 seconds. | 10 drops/sec over the last 120 second period. |
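
The burst-interval rule and the Table 27-5 defaults, worked through as an added example (not from the Cisco guide and not ASA code): a simplified sliding-window model that shows why the same short burst can exceed the 600-second limit but not the 3600-second one. The function names, the constructed sample timestamps, the strict "greater than" comparison and the unrounded division are assumptions.

```python
# Added example: simplified model of the rate checks described above.
# Names and sample data are constructed; this is not the ASA's internal algorithm.
from dataclasses import dataclass


def burst_interval(rate_interval):
    """1/30th of the rate interval or 10 seconds, whichever is larger."""
    # Assumption: no rounding is applied; the guide does not specify any.
    return max(rate_interval / 30, 10)


@dataclass(frozen=True)
class RateLimit:
    rate_interval: int    # seconds the average rate is computed over
    average_rate: float   # events/sec threshold over rate_interval
    burst_rate: float     # events/sec threshold over the burst interval


# Default limits from Table 27-5.
DEFAULTS = (RateLimit(600, 5, 10), RateLimit(3600, 5, 10))


def evaluate(events, now, limit):
    """Return (average, burst, exceeded) for event timestamps at time `now`.

    `events` holds the times, in seconds, of the events the feature counts
    (the "drops" in the table). Assumption: a limit is exceeded only when
    a measured rate is strictly greater than its threshold.
    """
    window = burst_interval(limit.rate_interval)
    in_avg = sum(1 for t in events if now - limit.rate_interval < t <= now)
    in_burst = sum(1 for t in events if now - window < t <= now)
    average = in_avg / limit.rate_interval
    burst = in_burst / window
    exceeded = average > limit.average_rate or burst > limit.burst_rate
    return average, burst, exceeded


# Constructed sample: 250 events packed into seconds 981..1000, none before.
SAMPLE = [981 + (i % 20) for i in range(250)]

if __name__ == "__main__":
    for limit in DEFAULTS:
        average, burst, exceeded = evaluate(SAMPLE, 1000, limit)
        print(f"rate-interval {limit.rate_interval}s, "
              f"burst window {burst_interval(limit.rate_interval):g}s: "
              f"avg {average:.2f}/s, burst {burst:.2f}/s, exceeded={exceeded}")
```
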