https://community.cisco.com/t5/network-security/configuring-aip-ssm-to-monitor-only/m-p/1328766#M76760 <P>Hi all,</P><P></P><P>We purchased an AIP-SSM-20 for our ASA5520. Is there a way to enable IPS functionality, but not block anything, i.e. just log events? This is just to see if any legitimate company traffic will be blocked.</P><P></P><P>Thanks!</P><P>Jacques</P> Sun, 10 Mar 2019 11:41:51 GMT JACQUES DU PLESSIS 2019-03-10T11:41:51Z https://community.cisco.com/t5/network-security/configuring-aip-ssm-to-monitor-only/m-p/1328766#M76760 <P>Hi all,</P><P></P><P>We purchased an AIP-SSM-20 for our ASA5520. Is there a way to enable IPS functionality, but not block anything, i.e. just log events? This is just to see if any legitimate company traffic will be blocked.</P><P></P><P>Thanks!</P><P>Jacques</P> Sun, 10 Mar 2019 11:41:51 GMT https://community.cisco.com/t5/network-security/configuring-aip-ssm-to-monitor-only/m-p/1328766#M76760 JACQUES DU PLESSIS 2019-03-10T11:41:51Z https://community.cisco.com/t5/network-security/configuring-aip-ssm-to-monitor-only/m-p/1328767#M76762 <HTML><HEAD></HEAD><BODY><P>Configure the ASA to send traffic to the IPS in promiscuous mode using the following command in a policy-map:</P><P></P><P>hostname(config-pmap-c)# ips {inline | promiscuous} {fail-close | </P><P>fail-open} [sensor {sensor_name | mapped_name}]</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5500/quick/guide/aipssm.html" target="_blank">http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5500/quick/guide/aipssm.html</A></P><P></P><P>Geroge</P></BODY></HTML> Mon, 13 Jul 2009 17:33:54 GMT https://community.cisco.com/t5/network-security/configuring-aip-ssm-to-monitor-only/m-p/1328767#M76762 gbekmezi 2009-07-13T17:33:54Z