HP X Unified Security Platform Traffic Threshold Configuration Parameters

Column

Definition

Filter Name

Name of the filter

Incoming Security Zone

Select the security zones for the traffic source (incoming) and

Outgoing Security Zone

destination (outgoing). Only zones with a physical port are

included in the selection list.

Note The security zone pair that you select must be

configured on a Security Profile. Otherwise, traffic

between the zones is not inspected by IPS and the

Security Profile page displays the following message:

No security profile is assigned to the security

zones. Traffic will NOT be inspected by the IPS.

Units per Second

Select the type of traffic units to track: Packets, Bytes, and

Connections. Then, select the period of time for the historical

data used to calculate changes in traffic rates: hour, day, 7 days,

30 days, 35 days.

Monitoring

Determines the action for the Traffic Threshold filter. Select one of

the following:

• Monitor only — device generates a Traffic Threshold report

without triggering traffic threshold (no alerts are generated)

• Monitor with thresholds —when the threshold is triggered, the

device performs the action configured for the threshold.

Enabled

For each threshold setting, check to enable the threshold. To

disable the threshold, clear the check box.

Action

For each threshold setting, select an action to perform when the

filter triggers. The action only executes if the Traffic Threshold

filter monitoring state is set to Monitor with thresholds.

Above Normal

Major % — Percentage of traffic highly over the threshold

Minor % — Percentage of traffic slightly over the threshold

Below Normal

Major % —Percentage of traffic highly under the threshold

Minor % —Percentage of traffic slightly under the threshold