Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
697
Views
3
Helpful
5
Replies

4240 Multi-Interface Shun question

HEATH FREEL
Level 1
Level 1

‎03-10-2005 07:11 AM - edited ‎03-10-2019 01:19 AM

Here is the scenerio

I have a 4240 with 8 interfaces. I have 5 Internet accesses - one sensing interface per internet access.

Is it possible to set up blocking for each specific firewall based on where the attack came from.

I do not want to block the attacking IP from all 5 internet accesses - only the one that the attack originated on.

Is this possible? Thanks in advance.

Labels:
0 Helpful
5 Replies 5

marcabal
Cisco Employee
Cisco Employee

‎03-10-2005 02:54 PM

Not at this time.

Currently all shuns will be applied to all devices.

(Unless the address in the Never Shun list, then it will not be applied to any of the devices)

If you would like to see this in a future release then ask your Cisco account manager or the TAC to submit a DDTS Enhancement request to have this feature added to the sensor.

ajay_dand
Level 1
Level 1
In response to marcabal

‎03-16-2005 04:02 AM

That's a pretty useful feature. There are other host of features, I would like to see on the IDM & IDS-MC. Could somebody point to a way I can properly submit a DDTS Enhancement request?

0 Helpful

rwassom
Level 1
Level 1

‎03-16-2005 08:25 AM

I assume we are talking about a theoretical situation here, since the 4240 only has 4 sensing ports and 1 management port. There are currently no option cards available to upgrade the 4240 to 8 sensing interfaces.

-rw

0 Helpful

HEATH FREEL
Level 1
Level 1
In response to rwassom

‎03-16-2005 10:18 AM

Initially I was not talking theorerically- since I was looking to deploy 8 Interfaces. The documentation on the 4240 is misleading.

it says the following.

Four 10/100/1000Base-Tx monitoring interfaces (allowing a total of 8 monitoring interfaces) or four 1000Base-Sx fiber (available soon).

I took that to mean that the Fiber was available soon.

Either way - with four interfaces all sensing - the question I asked still applies and I have been told it is not supported.

0 Helpful

rwassom
Level 1
Level 1
In response to HEATH FREEL

‎03-18-2005 01:54 PM

I apologize for the misleading documentation. I interpreted it the same way you did, and have already attempted to address this with the appropriate folks. Hopefully we will get the documentation updated soon to accurately reflect available options, which should prevent further confusion.

-Rusty

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card