Clarification on what the "cidsHealthPacketDenialRate" SNMP Object Shows.
I was wondering if anyone had further clarification on what the cidsHealthPacketDenialRate SNMP object shows. This is one of the objects we monitor and will alert on when this object shows that packets are being denied but I am wondering what the output from this really means. According to the description of the object it displays "the percentage of packets denied due to protocol and security violations."
Does this mean that the IPS is dropping the packets due to triggered signatures or that it is not inspecting packets because something is wrong with them or something else? It doesn't seem like it triggers when packets are dropped because of a triggered signature because we have MARS configured to alert on when traffic is dropped by the IPS because of the severity of a triggered signature and we don't get these alerts when this object shows packets being denied.
We would like to get a better idea of what the output from this SNMP object shows to see if we need to monitor the output from this object or not.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...