If someone in the network uses packet generator tools or Ping to dump huge continuous packet flows into network, the network performance would be heavily impacted. Can they be traped with first time alert? Thanks!
In order to monitor your network and check unusual activities, you have to sniff the traffic and see for anything irrregular. IDS (Intrution Detection System) is what you need, you can span your VLAN traffic to the IDS box and IDS box has a signature database which will alert you if there is unusual/irregular traffic pattern eg; ping floods, port scan, etc.
Check the Cisco's website and you will find lots of information on Cisco IDS.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...