Cisco Cisco ASA 5505 Adaptive Security Appliance Manual Técnica
15
XML Examples for the Cisco Application Centric Infrastructure Security Device Package, Version 1.2(6)
Advanced Threat Detection
</vnsDevFolder>
</vnsDevFolder>
</vnsLDevVip>
</fvTenant>
</polUni>
Advanced Threat Detection
This XML example sets up advanced threat detection statistics.
ASA Configuration
threat-detection statistics host
threat-detection statistics port number-of-rate 2
threat-detection statistics protocol number-of-rate 3
threat-detection statistics tcp-intercept rate-interval 50 burst-rate 200 average-rate 100
XML Example
<polUni>
<fvTenant name="tenant1">
<vnsLDevVip name="Firewall">
<vnsDevFolder key="AdvancedThreatDetection" name="AdvScan" >
<vnsDevParam key="access_list" name="status5" value="enable"/>
<vnsDevFolder key="AdvancedThreatDetectionTcpIntercept" name="AdvScanTCPInt" >
<vnsDevParam key="status" name="AdvRateStatus" value="enable"/>
<vnsDevParam key="average_rate" name="AdvRate" value="100"/>
<vnsDevParam key="rate_interval" name="AdvRI" value="50"/>
<vnsDevParam key="burst_rate" name="AdvBR" value="200"/>
</vnsDevFolder>
<vnsDevFolder key="AdvancedThreatDetectionHost" name="AdvScanHost" >
<vnsDevParam key="status" name="HostStatus" value="enable"/>
<vnsDevParam key="number_of_rate" name="HostRate" value="1"/>
</vnsDevFolder>
<vnsDevFolder key="AdvancedThreatDetectionPort" name="AdvScanPort" >
<vnsDevParam key="status" name="PortStatus" value="enable"/>
<vnsDevParam key="number_of_rate" name="PortRate" value="2"/>
</vnsDevFolder>
<vnsDevFolder key="AdvancedThreatDetectionProtocol" name="AdvScanProtocol" >
<vnsDevParam key="status" name="ProtocolStatus" value="enable"/>
<vnsDevParam key="number_of_rate" name="ProtocolRate" value="3"/>
</vnsDevFolder>
</vnsDevFolder>
</vnsLDevVip>
</fvTenant>
</polUni>