Cisco Systems ASA 5505 Webcam User Manual


 
CHAPTER
27-1
Cisco ASA Series Firewall ASDM Configuration Guide
27
Configuring Threat Detection
This chapter describes how to configure threat detection statistics and scanning threat detection and
includes the following sections:
Information About Threat Detection, page 27-1
Licensing Requirements for Threat Detection, page 27-1
Configuring Basic Threat Detection Statistics, page 27-2
Configuring Advanced Threat Detection Statistics, page 27-5
Configuring Scanning Threat Detection, page 27-8
Information About Threat Detection
The threat detection feature consists of the following elements:
Different levels of statistics gathering for various threats.
Threat detection statistics can help you manage threats to your ASA; for example, if you enable
scanning threat detection, then viewing statistics can help you analyze the threat. You can configure
two types of threat detection statistics:
Basic threat detection statistics—Includes information about attack activity for the system as a
whole. Basic threat detection statistics are enabled by default and have no performance impact.
Advanced threat detection statistics—Tracks activity at an object level, so the ASA can report
activity for individual hosts, ports, protocols, or ACLs. Advanced threat detection statistics can
have a major performance impact, depending on the statistics gathered, so only the ACL
statistics are enabled by default.
Scanning threat detection, which determines when a host is performing a scan.
You can optionally shun any hosts determined to be a scanning threat.
Licensing Requirements for Threat Detection
The following table shows the licensing requirements for this feature:
Model License Requirement
All models Base License.