Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2067
Views
0
Helpful
1
Replies

FPR4140 - FTD Configuring Rate-Based Attack Prevention

RingoC
Level 1
Level 1

‎08-31-2018 07:42 AM - edited ‎02-21-2020 08:10 AM

I am looking for some baseline config values for the Rate-Based Attack Prevention in Network Analysis Policy for a FTD in routed mode (Edge Firewall).   

Coming from an ASA, the configurable values are totally different on the FTD and does not translate over at all.

I've searched a bit and have not come up with anyone sharing these, I know is dependent on the environment, however, there's also be some sort of standard baseline.

Any assistance will be appreciated. 

0 Helpful
1 Reply 1

Raghunath Kulkarni
Cisco Employee
Cisco Employee

‎09-05-2018 06:08 PM

Hi,

 

The way we do rate-based detection is dependent on the pre-processor configured as part of Intrusion Policy.

 

Basic overview of the feature is available in the config guide:

https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Detecting_Specific_Threats.html#ID-2236-00000330

 

I hope this provides some guidance on the values to be configured.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card