Cisco Anomaly Guard Module Configuration Guide (Software Version 4.0)
Index


A

AAA

authentication4-5

configuring4-3

aaa authentication command4-5

action command8-25

action flow10-15

add-service command8-13

admin privilege level3-2

advertised routes, viewing5-8, 5-12, 5-17

always-accept8-26

always-ignore8-26

Analysis protection module1-8, 8-15

anomaly

detected10-4

flow10-12

anti-spoofing drop statistics12-11

AP

booting to2-9

clearing configuration11-35

clearing passwords11-35, 11-36

upgrading11-26

upgrading, inline11-31

application partition

See AP

arp command11-13

attack report

copying10-16, 10-17

detected anomalies10-4

dropped/replied packets10-3

exporting10-16

exporting automatically10-16

layout10-2

mitigated attacks10-6

statistics10-3

timing10-2

viewing10-13, 12-6

attack statistics12-7

attack type

client10-9

malformed packets10-10

spoofed10-6

user defined10-10

zombie10-8, 10-11

authentication, configuring4-5

authorization, configuring4-8

auth packet types8-16

automatic protection mode6-15

automatic protect mode1-6, 6-15

B

bad packets to proxy drop statistics12-10

basic

protection module8-15

User filter actions7-12

Basic protection module1-8, 8-15

Berkeley Packet filter7-6

block Dynamic filter actions7-17

block-unauthenticated policy action8-25

boot command2-9

burn flash11-34

Bypass filter

command7-10

configuring12-5

definition1-7, 7-3

deleting7-11

viewing7-11

C

capture, packets11-20

caution

symbol overviewxxiv

CFE11-27, 11-32, 11-34

clear ap config command11-35

clear ap password command11-35, 11-36

clear log command11-7

CLI

changing prompt4-19

command shortcuts3-7

error messages3-5

getting help3-6

issuing commands3-3

TAB completion3-6

using3-2

client attack mitigated attacks10-9

command line interface

See CLI3-2

command shortcuts3-7

config privilege level3-2

configuration

file

copying11-8

exporting11-8

importing11-9

viewing4-15

saving on supervisor2-1

configure command3-7

constructing policies6-11

copy commands

ftp running-config11-9

log11-4, 11-6

reports10-17

running-config11-8

zone log11-6

copy-services command8-29

counters

history6-19

counters, viewing6-19

cpu utilization11-12

D

date command4-16

DDoS

attack classification12-6

overview1-2

deactivating protection6-17

default configuration, returning to11-35

default-gateway command3-11

description command6-4

detected

anomalies10-4

flow10-15

diagnostics11-10

diff command8-28

disable command8-10

distributed denial of service

See DDoS

diversion

command5-6, 5-7

configuring inline5-9

configuring out-of-path5-12

definition5-2

hijacking5-5

injection5-7, 5-18

mechanism5-4

network configuration5-2

overview5-1

troubleshooting12-2

viewing advertised routes5-8, 5-12, 5-17

DNS

detected anomalies10-5

drop statistics12-10, 12-11

TCP policy templates8-4

drop

Dynamic filter action7-17

policy action8-22, 8-25

statistics12-8

User filter action7-13

dropped packets6-10, 10-3

drop protection module1-8

drop-statistics command12-8

dst traffic characteristics8-17

Dynamic filter7-4

actions7-17

command7-18, 7-23

deactivating7-24

definition1-7

deleting7-23, 12-5

inactivating12-5

input to7-3

overview7-17

preventing production of7-23

sorting7-19

terminating7-24

viewing7-19, 12-4

zone malicious rate7-24

dynamic privilege level3-2

E

enable

command4-9, 8-10

password command4-9

enabling services4-2

event log11-4

event monitor command11-4

export command11-5

exporting

configuration file11-8

log file11-6

reports automatically10-16

export reports command10-16

F

facility11-5

filter rate

termination threshold7-24

filters

Bypass1-7, 7-10

Dynamic1-7, 7-4, 7-17

Flex1-7, 7-6

overview7-1

User1-7, 7-12

filter-termination command7-24

first-hit4-12

flash-burn command11-34

Flex filter

command7-6

configuring7-6

default configuration4-23

definition1-7, 7-3

deleting7-6

dropped12-8

viewing7-9

fragments

detected anomalies10-5

policy template8-4

G

global traffic characteristics8-17

Guard

configuring multiple2-10

self protection4-22

H

high availability2-12

host, logging11-5

hostname

changing4-19

command4-19

HTTP

detected anomalies10-5

policy template8-5

hw-module command11-26, 11-27, 11-29, 11-31, 11-36

hw-module commands2-8

I

incoming TCP drop statistics12-8

injecting

VRF5-20

inline upgrade11-31

in packet types8-16

installation

verifying2-2

injecting

tunnel5-23

interactive

operation mode9-3

policy status8-26

interactive protection mode6-15

interactive protect mode1-6, 6-15

interactive-status command8-26

interface

activating3-8, 3-9

command3-8, 3-9, 3-10

configuring IP address3-8 to 3-10

loopback3-10

ip address command

interface3-8 to 3-10

zone6-3, 6-18

ip route command3-12

IP scan

detected anomalies10-5

policy template8-5

K

key command

add4-17

remove4-18

L

land attack drop statistics12-11

layer 3 interface

configuring on VLAN2-6

learning

command6-12, 6-14

constructing policies6-11

overview6-9

policy-construction command6-11

terminating process6-12, 6-14

threshold-tuning command6-13

tuning thresholds6-13

LINK templates6-11

load sharing2-10

log file

clearing11-7

exporting11-4, 11-6

viewing11-6

logging, viewing configuration11-6

logging command11-5

loopback interface3-10

M

maintenance partition

See MP

malformed packets

mitigated attacks10-10

malformed packets drop statistics12-11

malicious rate termination threshold7-24

management

overview3-14

port2-3, 3-7, 3-8

SSH3-15

VLAN2-3

WBM3-14

max-services command8-9

memory consumption11-12

min-threshold command8-10

mitigated attacks

client attack10-9

malformed packets10-10

overview10-6

spoofed10-6

user defined10-10

zombie10-6

modules

Analysis1-8, 8-15

Basic1-8, 8-15

Drop1-8

overview8-15

Rate Limiting1-8, 7-10

Recognition1-8

recognition11-12

Strong1-8, 8-15

monitoring

network traffic11-20, 11-22

MP

booting to2-9

upgrading11-29

upgrading, inline11-31

mtu command3-8, 3-10

multiple Guards

configuring2-10

N

netstat command11-15

no learning command6-12, 6-14

non DNS drop statistics12-10

no proxy policy templates8-7

notify policy action8-22, 8-25

ns policy templates8-7

num_sources packet type8-16

O

on-demand6-18

other protocols

detected anomalies10-5

policy template8-5

other protocols drop statistics12-9

out_pkts packet types8-16

outgoing TCP drop statistics12-9

P

packet-dump command11-20

packets, capturing11-20

password

changing4-7

enabling4-9

recovering11-35, 11-36

password, recovering11-36

pending Dynamic filters9-2

viewing9-7

permit

command3-14, 3-15, 4-2

User filter action7-12

ping command11-19

pkts packet type8-16

policy set-timeout command8-24

policy

action8-19, 8-25

activating8-20

adding services8-12

command8-18, 8-19

constructing1-5, 6-10, 6-11, 8-4

copy-services8-29

deleting service8-14

disabling8-20

inactivating8-20

multiplying thresholds8-22, 12-3, 12-4

packet types8-15

proxy threshold8-24

show statistics8-32

state8-20

structure8-2

threshold8-4, 8-19, 8-21

timeout8-19, 8-24

traffic characteristics8-17

tuning thresholds1-5, 6-10, 6-13, 8-4

viewing12-4

viewing statistics6-14, 8-31

policy template

command8-7, 8-8, 8-11

configuration command level8-8

max-services8-9

min-threshold8-10

overview8-4

parameters8-8

state8-10

port

data3-7, 3-8

management3-7, 3-8

port scan

detected anomalies10-5

policy template8-5

power enable command2-9

privilege levels3-2

assigning passwords4-9

moving between4-9

protect

activating3-13

automatic mode1-6, 6-15

command6-16

deactivating automatically6-17

interactive mode1-6, 6-15

on-demand6-18

specific IP6-16

termination timeout6-17

protection-end-timer command6-17

protection modules

See modules

protocol traffic characteristics8-17

proxy

command3-13

configuring3-13

no proxy policy templates8-7

proxy-threshold command8-24

R

rate-limit command6-4

Rate Limiter

dropped12-8

Rate Limiting protection module7-10

rate limiting protection module1-8

rates

history6-19

rates, viewing6-19

reactivate-zones3-16

rebooting

parameters3-16

recognition module11-12

Recognition protection module1-8

recommendations

accepting9-8

activating9-3, 9-7

change decision8-26

command9-7

deactivating9-3

ignoring9-8

overview9-2

receiving notification9-2

viewing9-2, 9-4

viewing pending-filters9-7

redirect/zombie

Dynamic filter action7-18

policy action8-25

redundancy2-10, 2-12

reload command3-16

renumbering User filters7-13

replied packets10-3

report

See attack report10-2

reports

details10-13

reqs packet type8-16

reset command2-8

routing table

manipulation3-12

viewing3-13

running-config

copy11-8

copy ftp11-9

show4-15

S

self-protection command4-22

service

adding8-12

command3-14, 4-2

deleting8-14

permissions4-2

snmp-trap4-19

wbm3-14

services

enabling4-2

set-action8-25

show commands

counters6-19

cpu11-12

diagnostic-info11-11

drop-statistics12-8

dynamic-filters7-19, 12-4

log11-6

log export-ip11-6

logging11-6

memory11-12

module2-2, 11-26, 11-29, 11-30

policies8-30, 12-3, 12-4

policies statistics6-14, 8-31, 8-32

rates6-19, 12-1

recommendations9-4, 9-5

recommendations pending-filters9-7

reports12-6

reports details10-13

running-config4-15

show11-2

sorting dynamic-filters7-19

templates6-8

zone policies8-30

show privilege level3-2

shutdown command3-9

snapshot command8-27

SNMP, configuring trap generator4-19

snmp commands

community4-21

trap-dest4-19

specific IP threshold8-22

spoofed attacks10-6

src traffic characteristics8-17

SSH

configuring3-15

deleting keys4-18

service3-15

state command8-21, 12-5

static route

adding3-12

strong

Dynamic filter action7-17

policy action8-22, 8-25

protection module1-8

protection module8-15

User filter action7-13

Strong protection module8-15

supervisor module

booting2-9

configuring2-1

configuring VLANs2-4

powering off2-9

resetting2-8

saving configuration2-1

shutting down2-8

supported versions11-24

verifying configuration2-10

syn_by_fin packet type8-16

syns packet type8-16

syslog

configuring export parameters11-5

configuring server11-5

message format11-4

T

TACACS+

clearing statistics4-14

configuring search4-12

configuring server4-10

server connection timeout4-13

server encryption key4-11

server IP address4-11

viewing statistics4-14

tacacs-server commands

clear statistics4-14

first-hit4-12

host4-11

key4-11

show statistics4-14

timeout4-13

TCP

detected anomalies10-5

drop statistics12-9, 12-10

no proxy policy templates8-7

policy templates8-5

templates

LINK6-11

viewing policies6-8

zone6-6

thresh-mult8-22, 12-3, 12-4

threshold

command8-21

configuring specific IP8-22

filter rate termination7-24

malicious rate termination7-24

multiplying12-3, 12-4

tuning1-5, 6-10

time, configuring4-16

timeout command8-24

to-user-filters

Dynamic filter action7-17

policy action8-22, 8-25

traceroute command11-18

traffic

monitoring11-20, 11-22

trap11-5

trap-dest4-19

tuning policy thresholds6-13

U

UDP

detected anomalies10-5

drop statistics12-9

policy templates8-6

unauthenticated drop statistics12-9

unauth_pkts packet type8-16

unauthenticated TCP detected anomalies10-5

upgrade command11-35

upgrading

AP11-26

inline11-31

MP11-29

user

detected anomalies10-5

user defined mitigated attacks10-10

User filter

actions7-12

command7-13

configuring7-12

definition1-7, 7-3

deleting7-16

input to7-3

renumbering7-13

viewing7-15

username command4-6

users

adding4-6

adding new4-6

assigning privilege levels4-6

deleting4-7

privilege levels3-2, 4-8

V

version, upgrading11-35

VLAN

administrative2-5

assigning2-5

configuring3-9

configuring layer 3 interface2-6

configuring on supervisor module2-4

VPN Routing and Forwarding, See VRF

VRF, configuring injection5-20

W

warning

symbol overviewxxiv

WBM

activating3-14

X

XML schema10-16 to 10-19

Z

zombie

packet counter6-20

zombie attack10-6, 10-15

zone

blocking criteria12-4

blocking flows12-2

command6-5, 6-8, 9-3

copying6-8

creating6-5

definition1-4

duplicating6-8

IP address6-3

learning6-9

LINK templates6-11

operation mode6-6

protecting6-15

reconfiguring6-3

templates6-6

viewing configuration6-5

viewing policies8-30

viewing status11-2

zone-malicious-rate7-24