IAB Options
State
Enables or disables IAB.
Performance Sample Interval
Specifies the time in seconds between IAB performance sampling scans, during which the system collects system performance metrics for comparison to IAB performance thresholds. A value of 0 disables IAB.
Bypassable Applications and Filters
This feature provides two mutually exclusive options:
Applications/Filters
Provides an editor where you can specify bypassable applications and sets of applications (filters) in essentially the same ways you specify application conditions in access control rules. See Controlling Application Traffic for more information.
All applications including unidentified application
When an inspection performance threshold is exceeded, trusts all traffic that exceeds any flow bypass threshold, regardless of the application type.
Inspection Performance Thresholds
Inspection performance thresholds provide intrusion inspection performance limits that, if exceeded, trigger inspection of flow thresholds. IAB does not use inspection performance thresholds set to 0.
Note: Inspection performance and flow bypass thresholds are disabled by default. You must enable at least one of each, and one of each must be exceeded for IAB to trust traffic. If you enable more than one inspection performance or flow bypass threshold, only one of each must be exceeded for IAB to trust traffic.
Drop Percentage
Average packets dropped as a percentage of total packets, when packets are dropped because of performance overloads caused by expensive intrusion rules, file policies, decompression, and so on. This does not refer to packets dropped by normal configurations such as intrusion rules. Note that specifying an integer greater than 1 activates IAB when the specified percentage of packets is dropped. When you specify 1, any percentage from 0 through 1 activates IAB. This allows a small number of packets to activate IAB.
Processor Utilization Percentage
Average percentage of processor resources used.
Packet Latency
Average packet latency in microseconds.
Flow Rate
The rate at which the system processes flows, measured as the number of flows per second. Note that this option configures IAB to measure flow rate, not flow count.
Flow Bypass Thresholds
Flow bypass thresholds provide flow limits that, if exceeded, trigger IAB to trust bypassable application traffic in bypass mode or allow application traffic subject to further inspection in test mode. IAB does not use flow bypass thresholds set to 0.
Note: Inspection performance and flow bypass thresholds are disabled by default. You must enable at least one of each, and one of each must be exceeded for IAB to trust traffic. If you enable more than one inspection performance or flow bypass threshold, only one of each must be exceeded for IAB to trust traffic.
Bytes per Flow
The maximum number of kilobytes a flow can include.
Packets per Flow
The maximum number of packets a flow can include.
Flow Duration
The maximum number of seconds a flow can remain open.
Flow Velocity
The maximum transfer rate in kilobytes per second.
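The options above combine into one decision: IAB acts on a flow only when it is enabled, the application is bypassable, at least one non-zero inspection performance threshold is exceeded, and at least one non-zero flow bypass threshold is exceeded. The following sketch is an added example, not the product's code, that models those rules so a proposed configuration can be checked against sample metrics before deployment. All field names, metric keys and state strings are hypothetical, and the comparison operators and the reading of the Drop Percentage value 1 are assumptions marked in the comments.

```python
from dataclasses import dataclass, field

@dataclass
class IabConfig:                 # field names are hypothetical, not product identifiers
    state: str = "off"           # "off", "test" or "bypass" (model naming)
    sample_interval: int = 0     # seconds; 0 disables IAB
    all_applications: bool = False   # "All applications including unidentified" option
    bypassable_apps: set = field(default_factory=set)
    perf: dict = field(default_factory=dict)   # inspection performance thresholds
    flow: dict = field(default_factory=dict)   # flow bypass thresholds

def perf_exceeded(cfg, sample):
    """True if any enabled (non-zero) inspection performance threshold is exceeded."""
    for name, limit in cfg.perf.items():
        if limit == 0:
            continue             # thresholds set to 0 are not used
        value = sample.get(name, 0)
        if name == "drop_pct":
            # Assumption: a setting of 1 fires on any non-zero drop percentage;
            # larger settings fire once that percentage is reached.
            if (limit == 1 and value > 0) or value >= limit:
                return True
        elif value > limit:      # assumption: "exceeded" means strictly greater
            return True
    return False

def flow_exceeded(cfg, flow):
    """True if any enabled (non-zero) flow bypass threshold is exceeded."""
    return any(limit and flow.get(name, 0) > limit for name, limit in cfg.flow.items())

def decide(cfg, sample, flow, app):
    """Return 'inspect', 'would-bypass' (test mode) or 'trust' (bypass mode)."""
    if cfg.state == "off" or cfg.sample_interval == 0:
        return "inspect"
    if not (cfg.all_applications or app in cfg.bypassable_apps):
        return "inspect"
    if not (perf_exceeded(cfg, sample) and flow_exceeded(cfg, flow)):
        return "inspect"         # one threshold of each kind must be exceeded
    return "trust" if cfg.state == "bypass" else "would-bypass"

# Constructed sample values for illustration
CFG = IabConfig(state="bypass", sample_interval=5, bypassable_apps={"backup"},
                perf={"drop_pct": 1, "cpu_pct": 0, "latency_us": 250},
                flow={"kbytes": 500000, "packets": 0, "duration_s": 0})
OVERLOADED = {"drop_pct": 0.4, "cpu_pct": 99, "latency_us": 100}
BIG_FLOW = {"kbytes": 750000, "packets": 10**6}
```

Running a planned configuration in the model's test state first shows which flows would lose intrusion inspection under load, which is the security-relevant consequence of every threshold on this page.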