Hi ,
I want that the IDS should apply an acl to PIX when it detects an attack.I have tested this and found that cspm(2.3.3i)says that it has applied the acl and also shows in the event viewer that the ip address is blocked.But when I see the access-list in the PIX there is no entry..and I am able access everything even though the cspm says it is blocked.
The same functionality I have tested with 2611 router and everything works fine..as ids and cspm adds a acl in the router.
Do I need to upgrade any IOS to resolve this issue ? or am I missing something ?
The software version used during the testing was
sensor (4230) - 3.0(1)s4
PIX 535 - 6.0(1)
CSPM - 2.3.3 i
Kind Regards /Thangavel