ASA 8.0 Threat Detection

Unanswered Question
Aug 14th, 2007

Threat detection provides the option to shun addresses once a threat alarm has triggered. What is the shun timeout?

rmeans Mon, 08/20/2007 - 09:32

I opened a TAC case and got the following information.

1. There is no timer associated with firewall shun or threat detection shun

2. A host stays in the shunned list indefinitely unless one of the following happens:

i) The "clear threat-detection shun" command is executed by the user

ii) The firewall is reloaded/power cycled

