04-05-2016 06:20 AM - edited 03-12-2019 05:57 AM
Dears,
I am configuring an ASA 5525 with FirePOWER (IPS). The box is out of the network; before I put it live, I need to configure the IPS in a professional way and avoid any packet drops on the live network. Can anybody guide me in configuring basic default IPS settings that will avoid any packet drops?
thanks
04-05-2016 07:10 AM
Hi,
Refer to this link: http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configure-firepower-00.html
On the ASA:
ciscoasa(config)# policy-map global_policy
ciscoasa(config-pmap)# class sfr
ciscoasa(config-pmap-c)# sfr fail-open monitor-only
You can set the traffic to monitor-only so that it forwards a copy of each packet and does not take any action on the packets.
Regards,
Aastha Bhardwaj
Rate if that helps!!!
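A pre-go-live check for the setting in the reply above, as an added example that is not part of the original post: it parses a saved ASA running-config and reports, for each policy-map class that redirects to the SFR module, whether it uses `fail-open` or `fail-close` and whether it is `monitor-only` or inline. The sample config, the `dmz_policy` and `sfr_dmz` names, and the `audit_sfr` function are constructed for illustration.

```python
import re

# Constructed running-config excerpt (not from the thread). Only the "class sfr"
# stanza mirrors the reply; dmz_policy and sfr_dmz are made-up names.
SAMPLE_CONFIG = """\
policy-map global_policy
 class inspection_default
  inspect dns
 class sfr
  sfr fail-open monitor-only
policy-map dmz_policy
 class sfr_dmz
  sfr fail-close
"""

SFR_RE = re.compile(r"^sfr\s+(fail-open|fail-close)(?:\s+(monitor-only))?$")

def audit_sfr(config):
    """Return one finding per policy-map class that redirects traffic to the SFR module."""
    findings = []
    policy = cls = None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw.startswith(" "):
            # Any top-level command ends the previous policy-map block.
            policy = line.split()[-1] if line.startswith("policy-map ") else None
            cls = None
        elif policy and line.startswith("class "):
            cls = line.split()[1]
        elif policy and cls:
            m = SFR_RE.match(line)
            if m:
                failure, monitor = m.group(1), m.group(2)
                findings.append({
                    "policy": policy,
                    "class": cls,
                    "on_module_failure": failure,
                    "mode": monitor or "inline",
                    # True only for the exact setting given in the reply.
                    "matches_reply": failure == "fail-open" and monitor is not None,
                })
    return findings

if __name__ == "__main__":
    for f in audit_sfr(SAMPLE_CONFIG):
        print(f)
```

Run it against the output of `show running-config policy-map` saved to a file; any class where `matches_reply` is false is either inline or set to `fail-close`.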
04-07-2016 06:49 AM
Hello,
I have been through this link. I want the IPS to be inline instead of monitor-only, but I want to know which rules should be enabled and which should not be.
thanks