topic Re: Firepower Trust action in Network Security

Firepower Trust action

sajid231088 — Thu, 05 Aug 2021 05:35:18 GMT

Hi Team,

Hope you all are doing good.

please help me in below.
let take a example that we have Cisco IPS connected outside interface with Internet router and Inside conneted with Server.

As a testing i will attack on the server from outside and i want IPS to detect these attack not to block so for that do i have to configure access control rule with action Trust or do i have to create some other rules ?

my requirement is very simple i want IPS to detect all those attacks originated from source X to destination Y, I dont want these attacks to be blocked by IPS

please suggest.

Re: Firepower Trust action

Marvin Rhoads — Fri, 06 Aug 2021 02:53:10 GMT

Do not use a trust rule - that will bypass the IPS rules for the configured flow.

Instead use an allow rule for the source of the simulated attack with a custom IPS policy whose rules are all set to detect (and not block/drop).

Re: Firepower Trust action

sajid231088 — Sat, 07 Aug 2021 04:01:44 GMT

Hi Marvin,

Thanks for your response.