10-23-2001 01:16 PM - edited 03-08-2019 08:55 PM
Has anyone used the IDS module for the 6000? I have it installed but all it will do is monitor. It does no blocking. They just released 3.0 for this module, does this support blocking and if so how and what forms of blocking will it do?
Thanks,
Chris Fowler
10-23-2001 04:39 PM
Are you using CSPM to manage the sensor? If so, you can configure blocking from CSPM - see http://www.cisco.com/univercd/cc/td/doc/product/ismg/policy/ver22/config/nwdevs.htm#xtocid2325713
10-23-2001 06:04 PM
There are two response actions in the IDS products: Shunning and TCP resets.
Shunning is supported by both the appliance and the module in the 3.0 release. TCP resets are not supported in the module, only the appliance.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide