Can any guide me configure security for permiter cisco FWSM? Is there are best practice or standard configuration recommanded by cisco for perimeter firewall?
I'm getting ~ 330,000 "TCP Segment Overwrite" alerts a day from the 6 IDS/IPS sensors. Destination of these packets are 0.0.0.0 or Internal IPs(10.x.x.x). The source IP is mostly Internal Subnet (10.x.x.x). Do I need to investigate these events/alert...
Hi,We are getting some events on IPS for Nmap UDP Port Sweep (Signature - 4003). Attacker shows an external address, what can I do for this alert, what actions can I take?
Whats the Default Gateway on the PC's ...it should be the Router interface IP's ....Have you enabled ip routing on router. Can u ping the Router interface from PC on the same subnet ...