Cisco Cisco FirePOWER Appliance 8390
24-9
FireSIGHT System User Guide
Chapter 24 Using Performance Settings in an Intrusion Policy
Performance Statistics Configuration
Step 4
You have two choices, depending on whether
Latency-Based Rule Handling
under Performance Settings is
enabled:
•
If the configuration is enabled, click
Edit
.
•
If the configuration is disabled, click
Enabled
, then click
Edit
.
The Latency-Based Rule Handling page appears. A message at the bottom of the page identifies the
intrusion policy layer that contains the configuration. See
intrusion policy layer that contains the configuration. See
for more information.
Step 5
table for recommended minimum
Threshold
settings.
Step 6
Optionally, click
Configure Rules for Latency-Based Rule Handling
at the top of the page to display rules
associated with individual options.
Click
Back
to return to the Latency-Based Rule Handling page.
Step 7
Save your policy, continue editing, discard your changes, revert to the default configuration settings in
the base policy, or exit while leaving your changes in the system cache. See the
the base policy, or exit while leaving your changes in the system cache. See the
table for more information.
Performance Statistics Configuration
License:
Protection
You can configure the basic parameters of how devices monitor and report on their own performance.
This allows you to specify the intervals at which the system updates performance statistics on your
devices by configuring the following:
This allows you to specify the intervals at which the system updates performance statistics on your
devices by configuring the following:
•
number of seconds
•
number of packets analyzed
Caution
Do not apply an access control policy that includes an intrusion policy with the Performance Statistics
Log Session/Protocol Distribution
check box selected unless directed to do so by Support.
When the number of seconds specified has elapsed since the last performance statistics update, the
system verifies that the specified number of packets has been analyzed. If so, the system updates
performance statistics. If not, the system waits until the specified number of packets has been analyzed.
system verifies that the specified number of packets has been analyzed. If so, the system updates
performance statistics. If not, the system waits until the specified number of packets has been analyzed.
To configure basic performance statistics parameters:
Access:
Admin/Intrusion Admin
Step 1
Select
Policies > Intrusion > Intrusion Policy.
The Intrusion Policy page appears.
Step 2
Click the edit icon (
) next to the policy you want to edit.
If you have unsaved changes in another policy, click
OK
to discard those changes and continue. See
for information on saving unsaved changes in another
policy.
The Policy Information page appears.