Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
4263
Views
0
Helpful
5
Replies

Effective way to test IDS

ryan14
Level 1
Level 1

‎01-14-2020 07:38 AM

Is there any safe way to test Firepower's IDS policy on a machine to see if the IDS policy is working? I know of the EICAR test for detecting malicious files, but is there an equivalent site we can go to for IDS testing?

Labels:
0 Helpful
5 Replies 5

Abheesh Kumar
VIP Alumni
VIP Alumni

‎01-14-2020 08:23 AM

Hi,

Try some penetration testing tools like Metasploit.

 

Hope This Helps

Abheesh

0 Helpful

ryan14
Level 1
Level 1
In response to Abheesh Kumar

‎01-14-2020 08:45 AM

Does this tool allow you to test an end-user PC to see if it is protected from ransomware or other vulnerabilities?

0 Helpful

nspasov
Cisco Employee
Cisco Employee

‎01-14-2020 09:21 AM

I have personally used Qualys in the past. They have a personal/community edition that is free of charge that does not include all features and can scan a limited number of IPs. However, if you end up liking it, you can get the paid version:

https://www.qualys.com/community-edition/

I hope this helps!

Thank you for rating helpful posts!

0 Helpful

ryan14
Level 1
Level 1
In response to nspasov

‎01-14-2020 10:31 AM

Is it safe to say that Firepower can protect against most common ransomware assuming it matches the appropriate rule with DPI/Intrusion policy enabled or is that more of a function of the security intelligence?

0 Helpful

johnlloyd_13
Level 9
Level 9
In response to ryan14

‎01-15-2020 12:49 AM

hi,

you can test the FP intrusion policy/rule by performing a penetration test.

i tried kali linux 'armitage' to trigger them.

see helpful link:

http://wannabecybersecurity.blogspot.com/2019/08/configuring-cisco-fmc-intrusion-policy.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top