cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2944
Views
0
Helpful
2
Replies

FTD Threat Detection managment

Hello

I have FTD 6.4.0.8 with FMC, hardware ASA 5525-X.

And i have a lot of syslog messages: "[ Scanning] drop rate-1 exceeded. Current burst rate is 5 per second, max configured rate is 10; Current average rate is 16 per second, max configured rate is 5"

According to https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113685-asa-threat-detection.html i want to change average rate and burst rate of Basic Threat Detection.

But there are no CLI command like:

threat-detection rate acl-drop rate-interval 1200 average-rate 250 burst-rate 550

 Are there another ways to do this?

Thank you!

1 Accepted Solution

Accepted Solutions

Chakshu Piplani
Cisco Employee
Cisco Employee
2 Replies 2

Chakshu Piplani
Cisco Employee
Cisco Employee

You can configure these options via flex-config:

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/flexconfig_policies.html

 

Regards,

Chakshu

 

Do rate helpful posts!

codewize
Level 1
Level 1

Can someone be so kind to walk me through the steps on configuring Threat-detection on an FTD box please. I've tried to use FelxConfig for other things and I just don't understand how to enter the commands I want to enter.

Review Cisco Networking for a $25 gift card