Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

How do I configure Adaptive Filter Configuration (AFC) settings from the LSM?

    • Updated:
    • 18 Sep 2017
    • Product/Version:
    • TippingPoint IPS N-series All
    • TippingPoint IPS NX-series All
    • TippingPoint IPS S-series All
    • TippingPoint NGFW All
    • TippingPoint SecBlade All
    • TippingPoint TPS All
    • TippingPoint Virtual TPS All
    • Platform:
Summary

With Adaptive Filtering, the Threat Suppression Engine (TSE) automatically manages filter behavior when the IPS device is under extreme load conditions. This feature protects against the potential adverse effects of a filter that interacts poorly with the network environment by preventing the device from entering High Availability mode. Adaptive filtering works by monitoring each filter to identify any suspected of causing congestion. When it identifies a filter, it manages the filter using one of the following methods, depending on how the global or filter-level Adaptive Filtering is configured:

Automatic Mode: This setting enables the IPS device to automatically disable and generate a system message regarding the defective filter.


Manual: This setting enables the IPS device to generate a system message regarding the defective filter. However, the filter is not disabled.

 

Details
Public

You can configure the global settings for the adaptive filtering. At the filter level, you have the option to disable AFC so that a filter is never impacted by Adaptive Filter settings on the device. You can view  the effects of Adaptive Filter Configuration in the table, which displays the filters most recently affected by the Adaptive Filter. You can also manage the global AFC and the filter-level configuration.
 


IPS LSM

  1. From the LSM menu, click IPS > Preferences.
  2. On the IPS Preferences page in the Adaptive Configuration Settings section, select the mode. (Auto or  Manual)
  3. For Log Severity, select the severity of the system log message that is automatically generated when a filter triggers the Adaptive Filter function.(Info, Warn, Error, Critical)
  4. Click Apply.

 


TPS LSM

  1. From the LSM menu, click Reports > Security > Adaptive Filter Control.
  2. On the Adaptive Filter Control page in the Settings section, select the mode. (Auto or  Manual)
  3. For Log Severity, select the severity of the system log message that is automatically generated when a filter triggers the Adaptive Filter function.(Info, Warn, Error, Critical)
  4. Click Apply.

 

 

Reference: Local Security Manager User's Guide

Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000090148
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.