DDoS Defender - false positive rules
Information
Summary: |
False positive principles in the DDoS Defender module. |
Environment: |
Product: Flowmon DDoS Defender Version: Any Platform: Any |
Question/Problem Description: |
How do the false positive marks work? How the false positive mark changes the baseline? |
Steps to Reproduce: | |
Error Message: | |
Defect Number: | |
Enhancement Number: | |
Cause: | |
Resolution: |
Marking an attack as a false positive cause the attack traffic to be considered standard traffic for baseline calculation. That means that the baseline raise a little bit. For example, if the baseline length is 24 hours then the attack older than 24 hours doesn't have any impact on the baseline. |
Workaround: | |
Notes: |
Was this article helpful?
0 out of 0 found this helpful