Can someone shed some light on this and provide insight on how to read this. I got the below commands on the ASA 9.5, 5516 threat-detection basic-threat threat-detection scanning-threat threat-detection statistics threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200 When I do “show threat-detection scanning-threat” I get quite a bit of outside and inside IP show up. Is this normal? How come its there? When I do “show threat-detection summary and rate” I get quite a bit of hits that are blocked. Is this normal? What would happen if I didn’t have this enabled? Thanks!
No comments:
Post a Comment