Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1366
Views
0
Helpful
2
Replies

IDSM-2 email question

Garrison Botts
Level 4
Level 4

‎11-06-2013 02:21 PM - edited ‎03-10-2019 06:05 AM

I have a 6500 with an IDSM-2.  I'm getting request for email notification on certain signature hits and need to know if it's possible before spending a lot of time configuring.. Thanks in advance for any replies...

Here's the scenairo:

I currently have the IDSM-2 inline on the outside of our network.... 

Internet ---> Router----> IDSM-2---FWSM---> Router ---->internal network

I know this is not the conventional way to use (by cisco's TAC eng), but it works in this solution.  I have multiple PAT addresses on the FWSM. If one is blocked by the IDSM-2 they'd like to get a notification. That would mean something inside is generating suspicious traffic outbound. They have internal systems that check this as well but they'd like an email just for the PATs only...

All other blocks will go to through the normal notification processes....

Labels:
0 Helpful
2 Replies 2

rhermes
Level 7
Level 7

‎11-19-2013 09:02 AM

There isn't an option for Emailing alerts from the IPS Sensors (including the IDSM).

You can configure all your blocking signatures to generate an SNMP Trap and have your SMNP Receiver alert you to the event.

_ bob

0 Helpful

Ravi Singh
Level 7
Level 7

‎02-13-2014 02:07 PM

Yes there is no Emailing option in IPS. You have to configure the SNMP trap for the same.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card