Event ID - 15117

Event Id15117
SourceDNS Intrusion Detection Filter
DescriptionThe request was denied because the number of connections per second allowed for the %1 rule was exceeded. See the help for more information on connection limits.
Event Information According to Microsoft :
CAUSE :
ISA Server rejected a connection from the client %1 because its connection limit was exceeded. The event could indicate a flood attack

SOLUTION :
Use the log filter to determine if the source of the connection is legitimate or the result of a flood attack. To do this, in the console tree of ISA Server Management click Monitoring, then click the Logging tab. Then edit the log filter to view the relevant details. If the connection should be allowed, increase the connection limit threshold. in the console tree of ISA Server Management click Configuration, then click General. In the General details pane, click Define Connection Limits. Use the options in the Connection Limits tab to increase the number of connctions allowed per second.
Reference LinksEvent id: 15117 Source id: DNS Intrusion Detection Filter

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.