Hello,
Any one configured ASA5585-X threat detection to auto shun IP Address which are doing port scan..
acl-deny is happening to ports which are not open. But i want to auto-shun the same
I have tried below steps
threat-detection Basic-Threat
threat-detection rate scanning-threat rate-interval 600 average-rate 10 burst-rate 15
If i configure burst-rate to 0 it will trigger which is not acceptable-solution..
Regards,
-Danish