Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Clarification on what the "cidsHealthPacketDenialRate" SNMP Object Shows.

Hello.

I was wondering if anyone had further clarification on what the cidsHealthPacketDenialRate SNMP object shows.  This is one of the objects we monitor and will alert on when this object shows that packets are being denied but I am wondering what the output from this really means.  According to the description of the object it displays "the percentage of packets denied due to protocol and security violations."

Does this mean that the IPS is dropping the packets due to triggered signatures or that it is not inspecting packets because something is wrong with them or something else?  It doesn't seem like it triggers when packets are dropped because of a triggered signature because we have MARS configured to alert on when traffic is dropped by the IPS because of the severity of a triggered signature and we don't get these alerts when this object shows packets being denied.

We would like to get a better idea of what the output from this SNMP object shows to see if we need to monitor the output from this object or not.

Jon.

Everyone's tags (2)
307
Views
0
Helpful
0
Replies