I have a 4255 IDS/IPS sensor running v7.04, everyday at 2pm it is doing something that causes it to either reboot or stop passing traffic long enough for my firewalls to think that I am no longer passing traffic which forces them to fail-over. I have looked at the auto updates and they are not scheduled to run, I have tried to look to see if there are any events that are happening during that time and I can find nothing. I do not know if there are more comprehenisve logs that I should be looking at but if someone can offer suggestions I would be greatly appreciative.
If the issue still persists after ensuring that all the above is off you might want to gather a show tech output. In the show tech output search for the word "main.log" and start searching via the time stamp for any messages around 2:00pm. Also what is your bypass mode set to (auto,on,or off)?
You mention that the IPS inline with the active firewall reboots, or stops passing traffic. Do you mean that you are not sure which? If so, you can check the sensor up-time in the output of a "show version."
Would you mind forwarding a "show tech" for us to review?
Meet the Authors Event - CCIE Security in a Remote and Cloud Driven Network: SASE and Beyond
(Live event – Thursday, 29th, 2021 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 7:00 p.m. Paris)
This event will have place on Thursday 29th, April 2021 at 10...
Application Protection, Availability & Security
Join our webinar May 6th to gain valuable industry insights into the most recent application cyber attacks and to understand the potential impact bot traffic is having on your business.
The purpose of this document is to demonstrate how ISE authenticate / authorize a user that uses a smart card (PIN + Certificate) and password mechanism to login their system. This document describes the components used for this setup, configuration of IS...
For all versions of the Email Security Appliance (ESA) and Security Management Appliance (SMA), some Secure Sockets Link (SSL) certificates issued from the QuoVadis root certificate authority (CA) trust chain before 2021-03-31 cannot b...