| Traffic Threshold Filters |
Table | |
|
|
Column | Definition |
|
|
|
|
Type | Select the traffic protocol or application type of the traffic to be |
| monitored: |
| • Protocol — monitor traffic from the selected protocol: TCP, |
| Other, ICMP, and UDP. |
| • Application — monitor traffic for the selected application type |
| on the specified port: TCP or UDP and the Port. |
| Apply to: specify whether the filter monitor tracks requests, |
| replies, or both. |
|
|
Period | The period of time for the historical data used to calculate the |
| baseline traffic rate: minute, hour, day, 7 days, 30 days, and 35 |
| days. |
|
|
Configure a Traffic Threshold Filter
STEP 1 STEP 2
STEP 3
From the LSM menu, select IPS > Traffic Threshold.
On the Traffic Threshold Filters page, click Create or click on the name of the Traffic Threshold filter you want to edit.
On the Create/Edit Traffic Threshold Filters page in the Filter Parameters section, type or edit the Filter Name.
STEP 4 Select the traffic source and destination security zones in the Incoming Security Zone and Outgoing Security Zone
STEP 5
STEP 6
STEP 7
In the Units per Second field, select the traffic units you want to track: Packets, Bytes, or Connections. Then, specify the historical time period used to calculate the baseline traffic level to compare against: minute, hour, day, 7 days, 30 days, and .
For Monitoring, select an option: Monitor only or Monitor with thresholds.
The monitor only option sets the device to generate a report without triggering traffic thresholds.
Configure up to 4 threshold parameter settings, state (enable/disable), and action for the fil- ter:
Thresholds settings are specified as a percentage change from the “normal” baseline.
STEP A In Above Normal Major Threshold, select the Enabled check box, enter a percentage amount of normal. Then, select the action to perform when the filter triggers.
STEP B For Above Normal Minor, select the Enabled check box, enter a percentage amount of normal. Then, select the action to perform when the filter triggers.
STEP C For Below Normal Major, select the Enabled check box, enter a percentage amount of normal. Then, select the action to perform when the filter triggers.
X Family LSM User’s Guide V 2.5.1 | 43 |
|
|