Dear Cisco Community, As I know, an IPS/IDS can't inspect encrypted traffic by default. Am I able to configure the keys and the IPS/IDS can decrypt the traffic and encrypt it again after the traffic was inspected?
Dear Cisco community, The users experience quite often disconnections while using OCS. As we completely bypassed the CSS, the disconnections disappeared. So, something must be wrong with CSS. OCS is using TCP ports 135, 5060, 5061, 444 and 443. For ea...
Dear Cisco Community, We implement TCP Intercept in intercept mode, unfortunately we discovered connection problems to the servers, we changed the mode to watch, the connection problems did not disappear unless we removed the feature completely. 1. -> ...
Hi Farrukh, Fully agree. By the way, we do not plan to inspect traffic before it enters the FW but after but just after the FW and again after the traffic left the FW towards inside. To be honest, I would really like to see, we would add HIPS to our so...
Hello Farrukh, Thank you for your response. I've planned to inspect all traffic (as you propose, as well) after it enters the FW on the outside interface and again as it exits the FW, just after the FW outside interface. If I understood you right, you...
Hello Rhermes, Agree, it's important to closely monitor performance. I assume, inspect SSL traffic on the host is another way to implement inspection of SSL. Best regards, Alex
Hello Farrukh, Thank you for your response, I really appreciate it. I believe, there are several ways how I could inspect SSL. Either with another vendor NIPS or on the host with HIPS. Have a nice day. Cheers Alex