Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
243
Views
0
Helpful
2
Replies

PIX 515E discards

jlixfeld
Level 1
Level 1

‎09-24-2007 01:38 PM

I installed a new monitoring package which monitors, among other things discards on interfaces. It's notified me of excessive discards on my PIX interfaces; inside, outside and DMZ - some as high as 5%.

What is the source of discards? Is a discard when the PIX drops a packet that doesn't match the device's security policy?

Labels:
0 Helpful
2 Replies 2

jlixfeld
Level 1
Level 1

‎09-25-2007 01:24 PM

Nobody? Nothing?

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to jlixfeld

‎09-25-2007 02:12 PM

Hi

A discard can occur for quite a few reasons but basically you are correct in the way you describe it, ie. a packet that does not conform to the security policy of the firewall, whether that be the explicit access-lists in use or implicit rules of the pix such as the way it handles fragmentation.

Hope this has answered your question

Jon

0 Helpful
Customers Also Viewed These Support Documents