DefensePro User Guide
Real-Time Security Reporting
296
Document ID: RDWR-DP-V0602_UG1201
Last Sample Statistics Table
Monitoring DNS Flood Attack Traffic
You can monitor the traffic for a network-policy rule that includes DNS Flood protection. Traffic
information is displayed in the Statistics Graph and Last Sample Statistics table.
To display traffic information for a network policy rule that includes DNS protection
1. In the Security Monitoring perspective navigation pane, select the device to monitor.
2. Select the Protection Monitoring tab, and select Network Rule DNS Traffic.
3. In the content pane Filter group box, configure the filter for the display of the Statistics Graph
and Last Sample Statistics table; and then, click Go.
4. Configure the settings for the display of the Statistics Graph.
Statistics Graph
The graph displays the traffic rates for the selected network policy rule according to the specified
parameters over a period of time. The time period depends on the polling refresh configuration.
Normal Edge
(
dashed green)
The statistically calculated baseline traffic rate.
Suspected Edge
(
dashed orange)
The traffic rate that indicates a change in traffic that might be an
attack.
Attack Edge
(
dashed red)
The traffic rate that indicates an attack.
Table 137: Last Sample Statistics Parameters
Parameter
Description
Traffic Type
The protection type. Each specific traffic type and direction has a baseline
that the device learns automatically.
Baseline
The normal traffic rate expected by the device.
Total Traffic
The total traffic rate that the DefensePro device sees for the specific traffic
type and direction.
Baseline Portion %
An indication for the rate invariant baseline—that is, the normal percentage
of the specific traffic type to all other traffic in the same direction.
RT Portion %
The actual percentage of the specific traffic type relative to all other traffic in
the same direction.
Legitimate Traffic
The actual forwarded traffic rate, after the device blocked the attack.
When there is no attack, the RT Rate and Legitimate Rate are equal.
Legitimate Portion % The actual percentage of the forwarded traffic rate of the specified type
relative to other types of traffic, after the device blocked the attack.
Degree of Attack
A numeric value that evaluates the current level of attack. A value of 8 or
greater signifies an attack.
Table 136: Statistics Graph Legend
Line
Description
Содержание DefensePro 6.02
Страница 1: ...DefensePro User Guide Software Version 6 02 Document ID RDWR DP V0602_UG1201 January 2012 ...
Страница 2: ...DefensePro User Guide 2 Document ID RDWR DP V0602_UG1201 ...
Страница 20: ...DefensePro User Guide 20 Document ID RDWR DP V0602_UG1201 ...
Страница 28: ...DefensePro User Guide Table of Contents 28 Document ID RDWR DP V0602_UG1201 ...
Страница 116: ...DefensePro User Guide Device Network Configuration 116 Document ID RDWR DP V0602_UG1201 ...
Страница 256: ...DefensePro User Guide Managing Device Operations and Maintenance 256 Document ID RDWR DP V0602_UG1201 ...
Страница 274: ...DefensePro User Guide Monitoring DefensePro Devices and Interfaces 274 Document ID RDWR DP V0602_UG1201 ...
Страница 302: ...DefensePro User Guide Real Time Security Reporting 302 Document ID RDWR DP V0602_UG1201 ...
Страница 308: ...DefensePro User Guide Administering DefensePro 308 Document ID RDWR DP V0602_UG1201 ...
Страница 324: ...DefensePro User Guide Troubleshooting 324 Document ID RDWR DP V0602_UG1201 ...