Hello,
I have installed an SSM module in a 5510 firewall, and am running IPS in promiscous mode. Using the default configuration i can see lots of packets being denied, and when i tested it in inline mode almost all the websites i tried to connect to didn't work including Cisco.com.
google.com, and gmail both worked, Cisco.com only loaded half a page, microsoft.com, bbc.co.uk, telegraaf.nl, and sportinglife failed to load.
My first question is did i do something wrong?
Why is it so restrictive, this doesn't meet the balance between security and productivity?
Is there a suggested configuration that i can download, or do i need to go through each alert and assess the security risk?
Any advice would be appreciated.
Thanks
Andrew
The device is running 7.0(5a)E4S589.0 signature 589.0