What are the limitations for shunning devices

pheuch
Level 1

I remember reading, for older releases, that the IDS system can only shun IP addresses if the ACL of the router is controlled by the IDS only.

I guess that this has changed. What is the current status? Can anybody give me a link to the list of devices (firewall/router) that are supported (the sensor is a Cisco Secure IDS 42...) and the limitations?

Thank you

1 Reply

stleary
Cisco Employee

Here is a link to the currently supported devices:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids8/13870_01.htm#xtocid20

The main limitation for routers and switches is that IDS must be the sole controller of the interface/directions which have been configured for shunning. This has not changed since the older releases.

This does not apply to PIXes, however. IDS uses a new shun command on the PIX, so users can modify PIX ACLs whenever they wish. The main limitation for PIXes is that network shuns (as opposed to host shuns) are not supported.