https://community.cisco.com/t5/network-security/asa-see-the-proxy-as-attacker/m-p/1327034#M824591 <HTML><HEAD></HEAD><BODY><P>threat-detection pulls statistic from the traffic of all the hosts. Since you proxy is doing all your http it is identified as a host that is "doing to much". It is normal.</P><P></P><P>You cannot disable it from showing up in the threat detection stats though.</P><P></P><P>I hope it helps.</P><P></P><P>PK</P><P></P></BODY></HTML> Thu, 29 Oct 2009 16:55:03 GMT Panos Kampanakis 2009-10-29T16:55:03Z https://community.cisco.com/t5/network-security/asa-see-the-proxy-as-attacker/m-p/1327033#M824580 <P>we r using ASA5510 for internet link.</P><P>we activated basic threat detection.</P><P>to access internet users must use one BlueCoat Proxy.</P><P>in ASA i allowed all IP traffic coming from the proxy.</P><P>in firewall dashboard, under Top 10 protected servers under sync attack, i can see that my proxy is always an attacker for many external servers.</P><P>why this is happen? can i add my proxy as a trusted host?</P> Mon, 11 Mar 2019 16:33:36 GMT https://community.cisco.com/t5/network-security/asa-see-the-proxy-as-attacker/m-p/1327033#M824580 ohassairi 2019-03-11T16:33:36Z https://community.cisco.com/t5/network-security/asa-see-the-proxy-as-attacker/m-p/1327034#M824591 <HTML><HEAD></HEAD><BODY><P>threat-detection pulls statistic from the traffic of all the hosts. Since you proxy is doing all your http it is identified as a host that is "doing to much". It is normal.</P><P></P><P>You cannot disable it from showing up in the threat detection stats though.</P><P></P><P>I hope it helps.</P><P></P><P>PK</P><P></P></BODY></HTML> Thu, 29 Oct 2009 16:55:03 GMT https://community.cisco.com/t5/network-security/asa-see-the-proxy-as-attacker/m-p/1327034#M824591 Panos Kampanakis 2009-10-29T16:55:03Z