I see following message very frequent on ASA ASDM Syslog messages window; what could be possible reason of these messages and what is the remedy to it.
[ Scanning] drop rate-1 exceeded. Current burst rate is 42 per second, max configured rate is 10; Current average rate is 60 per second, max configured rate is 5; Cumulative total count is 36350
That's up to you :-)
The defaults are pretty OK, but it's hard to configure something that would be optimal for everyone.
It's not only that.
There is certain level of "inteligence" built into TD that should catch detect attack.
But riddle me this, how is TD supposed to differentiate between an actual attack and a misconfigured network device flooding/looping packets.
A typical scenario I saw causing this, syslog/snmp packets sent through the firewall coincidentally were treated as an attack because of the amount of packets in short bursts. In this case the root cause turned out ot be ops personel setting logging level to high for some unrelated troubleshooting session and not setting it back.