Could someone share IPS policy schema to interpret the structure of information received from IPS transaction server?Also, I am looking for references to documentation on IPS 6.x transaction server. Does that information exist somewhere?Thanks in ad...
Hi,I would like to find out if it is possible to retrieve an active IPS signature policy from the device? I would like to obtain a complete policy currently running on the sensor not via CLI.P.S. I was under the assumption that the sensor will stor...
Greetings all. Apologies for the dramatic headline but I'm in a bit of a time crunch.I have a 4215 running 6.0(3)E1. The device is inline. Below is an event which triggered,========================evIdsAlert: eventId=1184881408377311643 severity=low ...
I can't seem to find a good answer to this... I need to have certain hosts be able to run blocked applications on other hosts. Can I set exceptions by username and/or IP address?
Hello,I have done some research looking around the forum, docs and could not find any details whether a static route could be added onto 4215 sensor besides the default gateway.Is that feature not supported? Has anyone ran into similar issue?Thanks,
In the recent Cisco's Bulletin, it stated that E2 engine update will be available by June 15, 2008.Is there a reason why Cisco hasn't published it yet?Thanks,
Is that a reliable assumption? It also appears that a "Severity" and some times "Action" fields don't show up for a particular sig. What would be the assumption there?Thanks,
Since I couldn't find any documentation on how to retrieve the signature policy from SDEE server, I've decided to simply copy the default.xml & sig0.xml and join it myself.I started finding information that for some reason is showing up on the CLI an...
You've mentioned in your previous post that policy sig0 could be retrieved via HTTP post method or scp a copy of the individual files (default.xml).I am able to pull instance policy XML by referencing getConfigDelta from the transaction server.Could ...