Cisco Cisco Firepower 4120 Security Appliance
Table 182: DefensePro Attack-Protection IDs (cont.)
ID Number
or Range
or Range
Attack-Protection
Name
Name
Category
(for
Reporting)
Reporting)
Defau
lt
Risk
lt
Risk
Defau
lt
Actio
n
lt
Actio
n
Repo
rt
Actio
n
rt
Actio
n
Description
753
GRE session dropped
Stateful-ACL
High
Drop
Reports on traffic that matched an ACL
policy.
754
GRE session allowed
Stateful-ACL
Info
Forward
Reports on traffic that matched an ACL
policy.
755
SCTP session dropped
Stateful-ACL
High
Drop
Reports on traffic that matched an ACL
policy.
756
SCTP session allowed
Stateful-ACL
Info
Forward
Reports on traffic that matched an ACL
policy.
1,000–100,000
DoS Shield signatures or
intrusion-protection
signatures
DoS
Range for signatures, from the Security
Operations Center (SOC) Signature file.
Odd ID numbers are DoS shield
signatures. Even ID numbers are
Intrusion signature.
200,000
HTTP
SynFlood
Medium
According to
policy Action
Predefined HTTP-SYN-flood attack
protection.
200,001
HTTPS
SynFlood
Medium
According to
policy Action
Predefined HTTPS-SYN-flood attack
protection.
200,002
RTSP
SynFlood
Medium
According to
policy Action
Predefined RTSP-SYN-flood attack
protection.
200,003
FTP_CTRL
SynFlood
Medium
According to
policy Action
Predefined FTP_CTRL-SYN-flood attack
protection.
200,004
POP3
SynFlood
Medium
According to
policy Action
Predefined POP3-SYN-flood attack
protection.
200,005
IMAP
SynFlood
Medium
According to
policy Action
Predefined IMAP-SYN-flood attack
protection.
200,006
SMTP
SynFlood
Medium
According to
policy Action
Predefined SMTP-SYN-flood attack
protection.
200,007
TELNET
SynFlood
Medium
According to
policy Action
Predefined TELNET-SYN-flood attack
protection.
© 2016 Cisco | Radware. All rights reserved. This document is Cisco Public.
Page 263 of 281