Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Just wanted to get an idea of what others thought about signatures that are enabled by default with an action.In our environment we've already seen a few false positives but we have all signatures set for "alert only" for now. We got hit by the ASA ...
Agreed. While I think that control of "banned" apps. such as P2P, IM, etc., is best solved with a well written and enforced corporate policy, it's still nice to have the IDS be able to flag violations for us.For us enforcing the no IM/P2P is not a lo...
Don't worry too much about shutting down "good" traffic. When you start you can set all signatures to "Produce Alert" only. That will give you some time to see what might get blocked if you enable packet dropping/blocking.Make sure you have given the...
There's probably not a "1 size fits all" answer here. If you have unlimited $$$ then you could sprinkle sensors all over you network but I'm guessing that's not the case. As such your going to need to take a few steps that will help you design your I...
!!! Just be careful running the "cl xlate" command in a production environment. That could really impact your current traffic and cause the phones to ring.
