1 Reply Latest reply on Dec 19, 2014 1:51 PM by MaxPat

    Attack Inbound UDP Packet Volume Too High (High)

    brownie72

      Is there a place to adjust the threshold of what constitutes an Inbound UDP Packet volume attack? I want to see these but we have 1Gig SIP trunks with a large amount of traffic where valid non-attack calls UDP (RTP) are being deemed as an Attack which in reality they are not an attack - they are good calls. I would like to bump the threshold up to normalize our environment.

       

       

       

      Update 1

      I found can change in in "Thershold Mode" under Policy - Advanced - Default IPS Attack Settings

       

      I don't think this is going to solve my problem because it appears the alerts I get in email and on dashboard are from Learning Mode which you can't change?