https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3401198#M954087 <P>The answer would be c, e, and f.</P> <P>&nbsp;</P> <P>The reason is because, as indicated in the link I provided earlier, those are the only parameters in that list that are limited by "rate" (vs. by a "concurrent" number).</P> Mon, 18 Jun 2018 14:30:38 GMT Marvin Rhoads 2018-06-18T14:30:38Z https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3400815#M954081 <DIV class="jive-rendered-content"> <P>Dear experts,</P> <P style="min-height: 8pt; padding: 0px;">&nbsp;</P> <P>Is one able to rate limit below items when configuring security context on a ASA5520?</P> <P style="min-height: 8pt; padding: 0px;">&nbsp;</P> <P>1) NAT</P> <P>2)MAC Learning</P> <P>3) Stateful packet inspections</P> <P style="min-height: 8pt; padding: 0px;">&nbsp;</P> <P>My understanding is that only ASDM sessions rate and connections rate as well as syslog msg rates are the only options to rate limit? Am I wrong? your input is much appreciated.</P> </DIV> Fri, 21 Feb 2020 15:53:29 GMT https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3400815#M954081 niima 2020-02-21T15:53:29Z https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3400819#M954082 <P>Yes to all three - as well as several others you didn't mention.&nbsp;</P> <P>&nbsp;</P> <P>A complete listing can be found here:</P> <P>&nbsp;</P> <P><A href="https://www.cisco.com/c/en/us/td/docs/security/asa/asa99/configuration/general/asa-99-general-config/ha-contexts.html#ID-2171-00000181" target="_blank">https://www.cisco.com/c/en/us/td/docs/security/asa/asa99/configuration/general/asa-99-general-config/ha-contexts.html#ID-2171-00000181</A></P> Sun, 17 Jun 2018 14:46:05 GMT https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3400819#M954082 Marvin Rhoads 2018-06-17T14:46:05Z https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3400825#M954083 <P>Hi Marvin,</P> <P>&nbsp;</P> <P>Appreciate your prompt response. However I am a bit confused. The list mentions about mac-address and inspect. (attached)</P> <P>&nbsp;</P> <P><STRONG>mac-address:</STRONG> does it mean the rate limit of <U>mac address learning</U> in a second or its only the <U>maximum number</U> of macs in the mac table?</P> <P>&nbsp;</P> <P class="p"><STRONG>inspect: </STRONG>is it only Application inspections per second or its stateful packet inspection as well? (I don't think this two are the same, are they?)</P> <P>&nbsp;</P> <P>&nbsp;</P> Sun, 17 Jun 2018 14:55:25 GMT https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3400825#M954083 niima 2018-06-17T14:55:25Z https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3400828#M954084 <P>You're welcome.</P> <P>&nbsp;</P> <P>For mac address it's the latter.</P> <P>&nbsp;</P> <P>Inspects is (are) application inspections per second.</P> <P>&nbsp;</P> <P>What's the use case you're looking to address with the answer to these questions?</P> Sun, 17 Jun 2018 15:01:13 GMT https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3400828#M954084 Marvin Rhoads 2018-06-17T15:01:13Z https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3400833#M954085 <P>I am preparing for an exam, I came up to a question that I found in a discussion forum which many people are arguing on different answers.</P> <P>&nbsp;</P> <P>It is asking: which three resource class limits can be set using a rate limit? (Choose three.)<BR /><BR />A. address translation rate<BR />B. Cisco ASDM session rate<BR />C. connections rate<BR />D. MAC-address learning rate (when in transparent mode)<BR />E. syslog messages rate<BR />F. stateful packet inspections rate</P> Sun, 17 Jun 2018 15:43:27 GMT https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3400833#M954085 niima 2018-06-17T15:43:27Z https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3400934#M954086 So what are your thoughts Melvin? Mon, 18 Jun 2018 05:19:34 GMT https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3400934#M954086 niima 2018-06-18T05:19:34Z https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3401198#M954087 <P>The answer would be c, e, and f.</P> <P>&nbsp;</P> <P>The reason is because, as indicated in the link I provided earlier, those are the only parameters in that list that are limited by "rate" (vs. by a "concurrent" number).</P> Mon, 18 Jun 2018 14:30:38 GMT https://community.cisco.com/t5/network-security/asa-security-contexts-rate-limit/m-p/3401198#M954087 Marvin Rhoads 2018-06-18T14:30:38Z