Cisco Systems ASA 5525-X Network Router User Manual


  Open as PDF
of 2086
 
3-23
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 3 Using the ASDM User Interface
Home Pane (Single Mode and Context)
Top Ten Protected Servers Under SYN Attack Pane
Disabled by default. This area includes an Enable button that lets you enable the feature, or you can
enable it according to the “Configuring Basic Threat Detection Statistics” section on page 60-4.
Statistics for the top ten protected servers under attack are displayed.
For the average rate of attack, the ASA samples the data every 30 seconds over the rate interval (by
default 30 minutes).
If there is more than one attacker, then “<various>” displays, followed by the last attacker IP address.
Click Detail to view statistics for all servers (up to 1000) instead of just 10 servers. You can also view
history sampling data. The ASA samples the number of attacks 60 times during the rate interval, so for
the default 30-minute period, statistics are collected every 60 seconds.
Top 200 Hosts Pane
Disabled by default. Shows the top 200 hosts connected through the ASA. Each entry of a host contains
the IP address of the host and the number of connections initiated by the host, and is updated every 120
seconds. To enable this display, enter the hpm topnenable command.
Top Botnet Traffic Filter Hits Pane
Disabled by default. This area includes links to configure the Botnet Traffic Filter. Reports of the top ten
botnet sites, ports, and infected hosts provide a snapshot of the data, and may not match the top ten items
since statistics started to be collected. If you right-click an IP address, you can invoke the whois tool to
learn more about the botnet site.
For more information, see Chapter 59, “Configuring the Botnet Traffic Filter.”
Content Security Tab
The Content Security tab lets you view important information about the Content Security and Control
(CSC) SSM. This pane appears only if CSC software running on the CSC SSM is installed in the ASA.
For an introduction to the CSC SSM, see the “Information About the CSC SSM” section on page 64-1.
Note If you have not completed the CSC Setup Wizard by choosing Configuration > Trend Micro Content
Security > CSC Setup, you cannot access the panes under Home > Content Security. Instead, a dialog
box appears and lets you access the CSC Setup Wizard directly from this location.