Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
321
Views
0
Helpful
1
Replies

Traffic Flow Notifications

cjbogaards
Level 1
Level 1

‎05-25-2006 08:53 AM - edited ‎03-10-2019 03:02 AM

Unable to get traffic flow notifications from and IPS Ver 5 sensor to show up in CSMARS. They are showing in the monitoring on the sensor, but never show up in CSMARS.

Is there something special that has to be done for these to be sent to CSMARS?

I realize that they are a different type of event, but they still should be able to be pulled into CSMARS for reporting and monitoring purposes.

For example, I want to set the Interface Idle Threshold at XX seconds. If for some reason there is no traffic coming across the sensing interface I want an event triggered in CSMARS.

Any thoughts?

Labels:
0 Helpful
1 Reply 1

a-vazquez
Level 6
Level 6

‎05-31-2006 06:16 AM

Yes the problem seems to be with traffic not reaching the sensor's interface. Please check that you are running trunking in the switch where the IDS is sniffing from. The switch must be replicating the traffic over to the vlan where the IPS is connected. Regarding the inline or promiscuous mode, promiscuous mode works fine and it will help with the testing. Much of it depends on thenetwork topology since in inline mode the traffic now runs through the IPS box.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card