Hello experts, need some knowledge on firepower applicance deployment modes
We don't want to send all our traffic to IPS hence I was looking for options where I can deploy the same device as IPS for some critical data and IDS for other traffic. Some of my friends say firepower can send tcp resets even when its configured as IDS, is that achievable? My understanding was IDS can not take any action since its passively listening to traffic spanned to it. Can someone shed some light on this to me if there is a way to do this ?