Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Can CS-MARS perform mitigation access-list on FWSM?

Hi guys!

I have couple questions:

1)Can CS-MARS perform mitigation access-list on FWSM?

2)How I can estimate how many events and netflows in one second recieve my MARS box.

Thanks

2 REPLIES
Gold

Re: Can CS-MARS perform mitigation access-list on FWSM?

Don't do mitigation and don't have FWSM, so I can't answer your first question. Regarding the second...There are a couple ways, neither is perfect but give you a good approximation.

a) Use the "Events and NetFlow" graph on the summary page. Divide the peak "avg/min" values by 60.

b) collect the logs using the pnlog command in the CLI. in the janus-logs.tar.gz you will find a janus_log file. This is the same data shown in Admin->System Maintenance->View Log Files...except now you can search through it better. Use a tool like grep to pull out and sort the message rates. the last entry is your peak.

> grep "PN-2016" janus_log | cut -d" " -f7 | sort -n

New Member

Re: Can CS-MARS perform mitigation access-list on FWSM?

Thank you for your answer, it is realy good help for me! About FWSM, I read in the config guides, MARS can perfom mitigation only on Layer 2 device, for FWSM MARS may only suggest shun commands, but not perform mitigation commands.

119
Views
5
Helpful
2
Replies
CreatePlease to create content