KB.15.15

Figure 28 Connection-rate filtering configuration in the startup-config file

Enabling global connection-rate filtering and sensitivity

Use the commands in this section to enable connection-rate filtering on the switch and to apply the

filtering on a per-port basis.

Syntax:

connection-rate-filter sensitivity <low | medium | high |

aggressive>

[no]connection-rate-filter

This command:

• Enables connection-rate filtering.

• Sets the global sensitivity level at which the switch interprets a given host attempt

to connect to a series of different devices as a possible attack by a malicious

agent residing in the host.

Options for configuring sensitivity include:

low

Sets the connection-rate sensitivity to the lowest possible sensitivity, which allows

a mean of 54 destinations in less than 0.1 seconds, and a corresponding

penalty time for Throttle mode (if configured) of less than 30 seconds.

54 Virus throttling (connection-rate filtering)