Cisco Cisco ASA for Nexus 1000V Series Switch Manuel Technique

This XML example sets up a basic threat detection rate for an ACL drop.

threat-detection rate acl-drop rate-interval 600 average-rate 0 burst-rate 0

<polUni>

    <fvTenant name="tenant1">

        <vnsLDevVip name="Firewall">

                  <vnsDevFolder key="BasicThreatDetection" name="BasicTD">

                    <vnsDevParam key="basic_threat" name="Basic1" value="enable"/>

                    <vnsDevFolder key="BasicThreatDetectionRateAclDrop" name="BasicTDACL">

                        <vnsDevParam key="rate_status" name="rs1" value="enable"/>

                        <vnsDevParam key="rate_interval" name="ri1" value="600"/>

                        <vnsDevParam key="average_rate" name="ar1" value="0"/>

                        <vnsDevParam key="burst_rate" name="br1" value="0"/>

                    </vnsDevFolder>

                </vnsDevFolder>

        </vnsLDevVip>

    </fvTenant>

</polUni>

This XML example sets up the scanning threat detection rate.

threat-detection rate scanning-threat rate-interval 600 average-rate 100 burst-rate 40

threat-detection scanning-threat shun

<polUni>

    <fvTenant name="tenant1">

        <vnsLDevVip name="Firewall">

                <vnsDevFolder key="ScanningThreatDetection" name="ScanTD1">

                    <vnsDevParam key="scanning_threat" name="Scan1" value="enable"/>

                    <vnsDevParam key="shun_status" name="Shun1" value="enable"/>

                    <vnsDevFolder key="ScanningThreatRate" name="ScanTDrate">

                        <vnsDevParam key="status" name="r1" value="enable"/>

                        <vnsDevParam key="average_rate" name="ar1" value="100"/>

                        <vnsDevParam key="rate_interval" name="ri1" value="600"/>

                        <vnsDevParam key="burst_rate" name="br1" value="40"/>

                    </vnsDevFolder>

                </vnsDevFolder>

        </vnsLDevVip>

    </fvTenant>

</polUni>