https://community.cisco.com/t5/network-security/idsm/m-p/2277967#M53461 <P>Got idsm in a 6500. Too much traffic causing the load to go to 100%. Is there away to skip traffic to certain inbound destinations from getting inspected? I'm not talking about Event Action Filters as those don't stop the inspeciton, but just turn off actions. I want to say that any traffic to IPs A, B, C should be skipped by the engine. Is this possible?</P> Sun, 10 Mar 2019 13:02:35 GMT steve554365 2019-03-10T13:02:35Z https://community.cisco.com/t5/network-security/idsm/m-p/2277967#M53461 <P>Got idsm in a 6500. Too much traffic causing the load to go to 100%. Is there away to skip traffic to certain inbound destinations from getting inspected? I'm not talking about Event Action Filters as those don't stop the inspeciton, but just turn off actions. I want to say that any traffic to IPs A, B, C should be skipped by the engine. Is this possible?</P> Sun, 10 Mar 2019 13:02:35 GMT https://community.cisco.com/t5/network-security/idsm/m-p/2277967#M53461 steve554365 2019-03-10T13:02:35Z https://community.cisco.com/t5/network-security/idsm/m-p/2277968#M53463 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>It depends on how you are sending traffic to the IDSM.</P><P></P><P>You can use an ACL and deny it there:</P><P></P><PRE>ip access-list extended IPS<BR /> deny ip any host x.x.x.x<BR /> permit ip any any<BR /><BR />vlan access-map 10<BR /> match ip address IPS<BR /> action forward capture<BR /><BR />vlan filter 10 vlan-list 800<BR /><BR />intrusion-detection module 8 data-port 1 capture allowed-vlan 800<BR />intrusion-detection module 8 data-port 1 capture</PRE><P></P><P>Regards,</P><P></P><P>Felipe. </P></BODY></HTML> Thu, 12 Sep 2013 17:59:21 GMT https://community.cisco.com/t5/network-security/idsm/m-p/2277968#M53463 lcambron 2013-09-12T17:59:21Z