Cisco Cisco Firepower 4120 Security Appliance
Table 50: Packet-Anomaly Protection Parameters
Parameter
Description
ID
(Read-only) The ID number for the packet-anomaly protection. The ID is a
Radware ID that appears in the trap sent to APSolute Vision Security logs.
Protection Name
(Read-only) The name of the packet-anomaly protection.
Action
The action that the device takes when the packet anomaly is detected. The action
is only for the specified packet-anomaly protection.
Values:
Values:
•
Drop—The device discards the anomalous packets and issues a trap.
•
Report—The device issues a trap for anomalous packets. If the Report
Action
Action
is Process, the packet goes to the rest of the device modules. If
the Report Action is Bypass, the packet bypasses the rest of the
device modules.
•
No Report—The device issues no trap for anomalous packets. If the
Report Action
Report Action
is Process, the packet goes to the rest of the device
modules. If the Report Action is Bypass, the packet bypasses the rest of
the device modules.
Note:
Click Drop All to set the Action for all packet-anomaly protections to
Drop
. Click Report All to set the Action for all packet-anomaly protections
to Report. Click No Report All to set the Action for all packet-anomaly
protections to No Report.
Risk
The risk associated with the trap for the specific anomaly. Values:
Info, Low, Medium, High
Default: Info
Info, Low, Medium, High
Default: Info
Report Action
The action that the DefensePro device takes on the anomalous packets when the
specified Action is Report or No Report. The Report Action option is only for
the specified packet-anomaly protection.
Values:
Values:
•
Bypass—The anomalous packets bypass the device.
•
Process—The DefensePro modules process the anomalous
packets. If the anomalous packets are part of an attack,
DefensePro can mitigate the attack.
Note:
You cannot select Process for the following packet-anomaly
protections:
•
104—Invalid IP Header or Total Length
•
107—Inconsistent IPv6 Headers
•
131—Invalid L4 Header Length
© 2016 Cisco | Radware. All rights reserved. This document is Cisco Public.
Page 99 of 281