Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
876
Views
10
Helpful
2
Replies

updating IPS rules and applying them on fmc risks

baselzind
Level 6
Level 6

‎11-03-2020 01:48 AM

i have a fmc with 2 years old ips rules , is there a risk if  update the ips rules and applied them to a production environment?

0 Helpful
2 Replies 2

Mohammed al Baqari
Level 11
Level 11

‎11-03-2020 04:11 AM

Hi,

Try to update IPS rules then run recommendation task. Once recommendation
is completed, try to apply the IPS rules. This is safer approach.

After couple of days of monitoring, you can tweak rules as needed.

**** please remember to rate useful posts

Marius Gunnerud
VIP
VIP

‎11-03-2020 04:24 AM

I agree with Mohammed here.

1. Disable inline drop

2. Run the generate recommended rules

3. Monitor for a few days to identify if there are any false positives

4. Activate inline drop

 

Once the rules are updated, I would suggest setting a scheduled task that updates the IPS rules on a regular basis.

--
Please remember to select a correct answer and rate helpful posts
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card