Guys I been trying to understand the threat detection on the ASA. I understand that these firewalls come with basic features.
But once the threat detection is configured what benefit does it have for the network admin?
An example of this is where we can configure the acl-drop rule, but what would be the difference from the firewall denying the packet compared to the threat being raised?
I may be wrong but the only benefit I see is purely based alerting, but I may be wrong.
I would appreciate any comments on the above.
Sent from Cisco Technical Support iPhone App
