https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011295#M1010279 <P>Is there any safe way to test Firepower's IDS policy on a machine to see if the IDS policy is working? I know of the EICAR test for detecting malicious files, but is there an equivalent site we can go to for IDS testing?</P> Tue, 14 Jan 2020 15:38:44 GMT ryan14 2020-01-14T15:38:44Z https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011295#M1010279 <P>Is there any safe way to test Firepower's IDS policy on a machine to see if the IDS policy is working? I know of the EICAR test for detecting malicious files, but is there an equivalent site we can go to for IDS testing?</P> Tue, 14 Jan 2020 15:38:44 GMT https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011295#M1010279 ryan14 2020-01-14T15:38:44Z https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011338#M1010280 <P>Hi,</P> <P>Try some penetration testing tools like&nbsp;Metasploit.</P> <P>&nbsp;</P> <P><STRONG>Hope This Helps</STRONG></P> <P>Abheesh</P> Tue, 14 Jan 2020 16:23:08 GMT https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011338#M1010280 Abheesh Kumar 2020-01-14T16:23:08Z https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011359#M1010282 <P>Does this tool allow you to test an end-user PC to see if it is protected from ransomware or other vulnerabilities?</P> Tue, 14 Jan 2020 16:45:01 GMT https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011359#M1010282 ryan14 2020-01-14T16:45:01Z https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011378#M1010284 <P>I have personally used Qualys in the past. They have a personal/community edition that is free of charge that does not include all features and can scan a limited number of IPs. However, if you end up liking it, you can get the paid version:</P> <P><A href="https://www.qualys.com/community-edition/" target="_blank">https://www.qualys.com/community-edition/</A></P> <P>I hope this helps!</P> <P><EM>Thank you for rating helpful posts!</EM></P> Tue, 14 Jan 2020 17:21:36 GMT https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011378#M1010284 nspasov 2020-01-14T17:21:36Z https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011421#M1010286 <P>Is it safe to say that Firepower can protect against most common ransomware assuming it matches the appropriate rule with DPI/Intrusion policy enabled or is that more of a function of the security intelligence?</P> Tue, 14 Jan 2020 18:31:45 GMT https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011421#M1010286 ryan14 2020-01-14T18:31:45Z https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011717#M1010289 <P>hi,</P><P>you can test the FP intrusion policy/rule by performing a penetration test.</P><P>i tried kali linux 'armitage' to trigger them.</P><P>see helpful link:</P><P><A href="http://wannabecybersecurity.blogspot.com/2019/08/configuring-cisco-fmc-intrusion-policy.html" target="_blank">http://wannabecybersecurity.blogspot.com/2019/08/configuring-cisco-fmc-intrusion-policy.html</A></P> Wed, 15 Jan 2020 08:49:10 GMT https://community.cisco.com/t5/network-security/effective-way-to-test-ids/m-p/4011717#M1010289 johnlloyd_13 2020-01-15T08:49:10Z