Configure appliance-specific global settings, such as IDS and quarantine settings,
timeout settings, asymmetric routing (DDoS filters cannot work if this feature is
enabled), adaptive filter properties, and auto-reboot enablement.
You can configure the global settings for the following items:
- Adaptive Filtering — Set Adaptive Filtering Configuration (AFC) options that automatically manage your appliance under extreme load conditions and protect against the potential adverse effects of a defective filter. On rare occasions, the system can experience extreme load conditions due to filter failure and traffic congestion, causing a device to enter High Availability (HA) mode. Adaptive filtering disables the filters that are likely causing traffic congestion.
- Connection Table — The value for the global connection table timeout. The valid range is 30-1800 seconds. This value applies to all blocked streams in the connection table, and determines the amount of time that elapses before a blocked connection is cleared from the connection table. Until that period elapses, any incoming packets for that stream are blocked at the device. After the connection is cleared, the incoming connection is either allowed (if its action set has changed) or re-added to the blocked list. Separate settings are available for TCP and non-TCP traffic.
- Asymmetric Network — The dynamic sharing and use of bandwidth for increased network traffic performance. If you configure the appliance for an asymmetric network through the TSE configuration, SYN flood detection (DDoS filters) is disabled. In effect, the TSE does not see both sides of a TCP connection. SSL inspection cannot occur in asymmetric mode. Consult your device documentation for a list of additional filters that cannot be run in asymmetric mode.
- Quarantine — Specifies the global timeout for the quarantine table. For quarantined hosts in the quarantine table, this value determines the time interval that elapses before the quarantined host is cleared from the quarantine table. After the quarantined host is cleared (the timeout interval expires), quarantined addresses can be automatically released, if that option is selected.
  Note: If you unmanage an appliance and then remanage the appliance, the quarantine settings are reset to the default value.
- IDS Mode — When enabled, automatically configures the device to operate in a manner similar to an Intrusion Detection System (IDS).
  - Performance protection is disabled. As a best practice, enable this option and set it to Always.
  - Adaptive Filtering mode is set to Manual.
  - Filters currently set to Block are not switched to Permit, and Block filters can still be set.

  Note: Using an IPS/TPS device in a mixed configuration is not supported. When an IPS/TPS device is used in an IDS configuration, then it is an IDS device. Use the IPS/TPS as either an IDS device or an IPS device, but not both.

  Reboot your system for settings to take effect.
- Auto Reboot — Specifies whether automatic reboots can be determined by the appliance.
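
The Connection Table behaviour described above, modelled in Python as an added example (not vendor code and not an SMS or TSE API). The class, the flow tuple, the `policy` callback and the assumption that the timer runs from the moment a stream is added are all illustrative; only the 30-1800 second range and the block, clear, re-evaluate sequence come from the text.

```python
from dataclasses import dataclass, field

TIMEOUT_RANGE = (30, 1800)  # seconds, the range given for the global timeout


@dataclass
class BlockedStreamTable:
    """Hypothetical model of the blocked-stream connection table."""
    tcp_timeout: int
    non_tcp_timeout: int
    blocked: dict = field(default_factory=dict)  # flow -> expiry time (seconds)

    def __post_init__(self):
        for name in ("tcp_timeout", "non_tcp_timeout"):
            value = getattr(self, name)
            if not TIMEOUT_RANGE[0] <= value <= TIMEOUT_RANGE[1]:
                raise ValueError(f"{name}={value} is outside 30-1800 seconds")

    def handle(self, flow, now, policy):
        """Return 'blocked' or 'allowed' for a packet of `flow` seen at `now`.

        policy(flow) returns the current action, 'block' or 'permit'.
        """
        expiry = self.blocked.get(flow)
        if expiry is not None and now < expiry:
            return "blocked"              # entry still live: policy is not consulted
        self.blocked.pop(flow, None)      # timeout elapsed: entry is cleared
        if policy(flow) == "block":       # action unchanged: re-added to the list
            timeout = self.tcp_timeout if flow[0] == "tcp" else self.non_tcp_timeout
            self.blocked[flow] = now + timeout
            return "blocked"
        return "allowed"                  # action set changed: connection allowed


def demo():
    """Constructed scenario: the action changes while the stream is still blocked."""
    table = BlockedStreamTable(tcp_timeout=60, non_tcp_timeout=30)
    flow = ("tcp", "198.51.100.7", 44321, "192.0.2.10", 443)  # constructed sample flow
    action = {"value": "block"}
    policy = lambda f: action["value"]
    results = [table.handle(flow, 0, policy)]       # blocked, entry expires at t=60
    action["value"] = "permit"                      # administrator changes the action set
    results.append(table.handle(flow, 59, policy))  # still blocked until the timeout
    results.append(table.handle(flow, 60, policy))  # entry cleared, now allowed
    return results


if __name__ == "__main__":
    print(demo())
```

The practical consequence the model shows: changing an action from Block to Permit does not release a stream already in the table until its timeout expires, so a long timeout delays recovery from a false positive.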
