Solved: IDS

sushilk · ‎01-24-2005

Hi,

Does IDS drops packets????

If yes then in what conditions?

Thanks

sachinraja · ‎01-24-2005

Hi sushil

IDS can be configured to drop packets. IDS basically can do the following:

log, reset tcp, shun connection & shun host..

IDS has a list of predefined attacks called signatures. You can manually configure a signature and set it to block a host or connection or reset the tcp session. by default logging is enabled on signatures.

for eg, you have a sync attack from one of the host, which the IDS detects from its signature database. You , as an administrator, can manually go to the signature and configure it as "shun host" or "shun connection" to block the packets. blocking can be done on a firewall or a router, which will act parallel to the IDS.

hope this helps.. for more information you can visit www.cisco.com/go/ids

Raj

View solution in original post

sachinraja · ‎01-24-2005

Hi sushil

IDS can be configured to drop packets. IDS basically can do the following:

log, reset tcp, shun connection & shun host..

IDS has a list of predefined attacks called signatures. You can manually configure a signature and set it to block a host or connection or reset the tcp session. by default logging is enabled on signatures.

for eg, you have a sync attack from one of the host, which the IDS detects from its signature database. You , as an administrator, can manually go to the signature and configure it as "shun host" or "shun connection" to block the packets. blocking can be done on a firewall or a router, which will act parallel to the IDS.

hope this helps.. for more information you can visit www.cisco.com/go/ids

Raj

IDS

Cisco ISE with Microsoft Active Directory, Entra ID, and Intune

Now in Public Preview: Duo's Microsoft Entra ID EAM Integration

How to create a Cisco CCO ID

ISE BYOD Flow Using Entra ID

Wifi Option VLAN ID