cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
475
Views
5
Helpful
3
Replies

Auto-update of IPS rules

tobiaseichner
Level 1
Level 1

Is there a way to let IPS automatically update with new rules delivered by Cisco or an other trusted source ?

3 Replies 3

If you are using IPS MC you can setup auto download and application of update files on the sensors. Here's the link that describes the process.

http://www.cisco.com/en/US/products/ps6498/products_user_guide_chapter09186a00806167eb.html#wp989412

HTH

Sundar

Sorry, I had better provided more information about the router and software I use: It is a Cisco 1712 with SDM 2.2 installed.

All I currently can do is to add new SDF files, but I guess that this is no auto-updating process running regularly.

Is there any add-on or something similar that works for my case ?

Here is a screenshot. I have added the attack-drop.sdf file as recommended by Cisco's website. Is there anything more I can do ? I guess this adds just default rules, but does not update them regularly.

And may I ask a follow-up question: Is there a way to let the router notify me by e-mail when an intrusion is detected/prevented ? I see the log file ("Monitor", "Logging"), but can't find a way to get notified.