KB.15.15

Table 4 Throttle mode penalty periods

Penalty periodMean number of new

destination hosts in the

frequency period

Frequency of IP connection

requests from the same

source

Throttle mode (sensitivity)

< 30 seconds54< 0.1 secondLow

30 - 60 seconds37< 1.0 secondMedium

60 - 90 seconds22< 1.0 secondHigh

90 - 120 seconds15< 1.0 secondAggressive

Example of a Basic Connection-Rate Filtering Configuration

Figure 29 Sample network

Basic configuration

Suppose that in the sample network, the administrator wanted to enable connection-rate filtering

and configure the following response to high connection-rate traffic on the switch:

• Ports B1 — B3: Throttle traffic from the transmitting hosts.

• Port B4: Respond with notify-only to identify the transmitting hosts.

• Ports B9, D1, and D2: Block traffic from the transmitting hosts.

This example illustrates the configuration steps and resulting startup-config file:

56 Virus throttling (connection-rate filtering)