I set up Dos Policy, only monitoring, on the incoming WAN port, with default values. The udp_flood threshold is 2000. What is the unit of the threshold value?
I'm experiencing a constant udp_flood anomaly with my own legal VPN connections (colleagues connecting to the internal network via VPN). The following logs are visible in the analyzer. What could be causing these anomalies in IKE traffic. What does the count value mean? Very high variance (2 and 22332).