Hello - I have a Cisco ASA and I am trying to configure it to shun hosts who attempt to scan the external IPs on my network. I have enabled TCP Intercept Threat Detection (monitoring window 1, burst threshold 25, average threshold 25) but I am still getting hosts who scan my external IP range (100+ IP) in a couple seconds and the ASA does not shun them. I have looked everywhere I can think of but can't find out what I am doing wrong. Help!!