Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1276
Views
20
Helpful
5
Replies

Signature Tuning - Exception

bill_martin
Level 1
Level 1

‎01-06-2011 11:57 AM - edited ‎03-10-2019 05:13 AM

I would like to create exceptions within particular signatures to ignore IP addresses. How do I perform this task?

Labels:
0 Helpful
5 Replies 5

rhermes
Level 7
Level 7

‎01-06-2011 01:01 PM

You want to configure an Event Action Override for this IP address.

http://www.cisco.com/en/US/docs/security/ips/5.1/configuration/guide/idm/dmEvtRul.html

- Bob

Keith Craycraft
Level 1
Level 1

‎01-07-2011 11:02 AM

Bill,

     I have found this is easier to do from the IME.

     go to the configuration at the top and when the configuration screen comes up select polices button on the left side.

    

     in the policy tree select IPS policies.  you should have an event actions section  from here you can select Add to create a new filter.

     Here is link for document for configuring this. http://www.cisco.com/en/US/docs/security/ips/5.1/configuration/guide/idm/dmEvtRul.html

Below is what the screen will be like, using the Demo version of IME.

I would play with this feature in the demo version of IME before i tried it in production.

Hope this helps

Keith

bill_martin
Level 1
Level 1
In response to Keith Craycraft

‎01-10-2011 09:36 AM

Thanks for the help however neither method will work.  We use CSM to manage the

devices and any change made locally will be overwritten by CSM!

0 Helpful

bill_martin
Level 1
Level 1
In response to rhermes

‎01-11-2011 06:49 AM

Bob,

Thanks, I give it a try...

Bill

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top