3-10
Virus Throttling (Connection-Rate Filtering)
Configuring Connection-Rate Filtering
Enabling Connection-Rate Filtering and Configuring
Sensitivity
Note The sensitivity settings configured on the switch determines the Throttle
mode penalty periods as shown in Table 3-1 on page 3-11.
Syntax: connection-rate-filter sensitivity < low | medium | high | aggressive >
no connection-rate-filter
This command:
• Enables connection-rate filtering.
• Sets the global sensitivity level at which the switch
interprets a given host’s attempts to connect to a series of
different devices as a possible attack by a malicious agent
residing in the host.
Options for configuring sensitivity include:
low: Sets the connection-rate sensitivity to the lowest
possible sensitivity, which allows a mean of 54
destinations in less than 0.1 seconds, and a corresponding
penalty time for Throttle mode (if configured) of less than
30 seconds.
medium: Sets the connection-rate sensitivity to allow a
mean of 37 destinations in less than 1 second, and a
corresponding penalty time for Throttle mode (if
configured) between 30 and 60 seconds.
high:
Sets the connection-rate sensitivity to allow a mean of
22 destinations in less than 1 second, and a corresponding
penalty time for Throttle mode (if configured) between 60
and 90 seconds.
aggressive:
Sets the connection-rate sensitivity to the
highest possible level, which allows a mean of 15
destinations in less than 1 second, and a corresponding
penalty time for Throttle mode (if configured) between 90
and 120 seconds.
The no connection-rate-filter command disables connection-
rate filtering on the switch.
To Next Page
Loading...
Need help?
General