Does anyone know where I can find out the maximum number of denied attackers the ASA-SSM-10 running 6.1(1)E2 can handle? I see where you can set a timeout and total number for the denied hosts and denied network blocks but I haven't been able to find anything for the max number of denied attackers.
I'm am using this for a signature that is sometimes popular on our network and I'm concerned about impacting the performance of my IPS.
Blocks are for the modification of configuration on Switches, Routers, or Firewalls to get the other device to drop the traffic.
Denies are when the sensor itself drops the packets. The sensor must be operated in InLine mode for Denies to work.
To configure the max number of Denied Attackers you follow a similar procedure as rhermes posted, but it is controlled in the service event-action-rules rules0 configuration.
service event-action-rules rules0
The default I believe is 10,000, but can be configured to be much higher or lower. Increasing this number could have a performance affect on your sensor, so be carefull when increasing this above 10,000.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...