AudioCodes Mediant 1000B User Manual page 152
Analog & digital voip media gateway enterprise session border controller gateway & e-sbc
Hide thumbs
Also See for Mediant 1000B:
- User manual (1281 pages) ,
- Hardware installation manual (92 pages) ,
- Configuration note (52 pages)
Table of Contents
Advertisement
Parameter
Threshold Scope
CLI: threshold-scope
[IDSRule_ThresholdScope]
Threshold Window
CLI: threshold-window
[IDSRule_ThresholdWindow]
Minor-Alarm Threshold
CLI: minor-alrm-thr
[IDSRule_MinorAlarmThreshold]
Major-Alarm Threshold
CLI: major-alrm-thr
[IDSRule_MajorAlarmThreshold]
Critical-Alarm Threshold
CLI: critical-alrm-thr
[IDSRule_CriticalAlarmThreshold]
Deny Threshold
[IDSRule_DenyThreshold]
Deny Period
[IDSRule_DenyPeriod]
User's Manual
[5] Abnormal flow =
Requests and responses without a matching
transaction user (except ACK requests)
Requests and responses without a matching
transaction (except ACK requests)
Defines the source of the attacker to consider in the device's
detection count.
[0] Global = All attacks regardless of source are counted
together during the threshold window.
[2] IP = Attacks from each specific IP address are counted
separately during the threshold window.
[3] IP+Port = Attacks from each specific IP address:port are
counted separately during the threshold window. This option
is useful for NAT servers, where numerous remote
machines use the same IP address but different ports.
However, it is not recommended to use this option as it may
degrade detection capabilities.
Defines the threshold interval (in seconds) during which the
device counts the attacks to check if a threshold is crossed.
The counter is automatically reset at the end of the interval.
The valid range is 1 to 1,000,000. The default is 1.
Defines the threshold that if crossed a minor severity alarm is
sent.
The valid range is 1 to 1,000,000. A value of 0 or -1 means not
defined.
Defines the threshold that if crossed a major severity alarm is
sent.
The valid range is 1 to 1,000,000. A value of 0 or -1 means not
defined.
Defines the threshold that if crossed a critical severity alarm is
sent.
The valid range is 1 to 1,000,000. A value of 0 or -1 means not
defined.
Defines the threshold that if crossed, the device blocks
(blacklists) the remote host (attacker).
The default is -1 (i.e., not configured).
Note: This parameter is applicable only if the 'Threshold
Scope' parameter is set to IP or IP+Port.
Defines the duration (in sec) to keep the attacker on the
blacklist.
The valid range is 0 to 1,000,000. The default is -1 (i.e., not
configured).
152
Mediant 1000B Gateway & SBC
Description
Document #: LTRT-27034
Advertisement
Chapters
Table of Contents
