ā08-08-2011 01:08 PM - edited ā03-11-2019 02:09 PM
Hi All,
Can I do any configuration on the ASA to dynamically disable an attackers IP address, say for 1 hour if he/she entered 10 bad password attempts to an email server ?
Thanks,
Ismail
ā08-08-2011 01:41 PM
That's the role of an IPS sensor. You can plug one into an ASA. It's called the AIP-SSM.
ā08-08-2011 02:27 PM
Hi Collin,
So you are you saying that we can't do it through normal access-lists/inspection/etc ? (Without IPS)
Thanks indeed,
ā08-08-2011 02:29 PM
Correct. If you need to do something dynamic (like shun an IP) IPS is the way to do it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
