Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We need to have only have email alert intrusions only for critical servers.
The options only I see is for per categories in Policy>Actions>Alerts.
Is this possible?
I will configure "errdisable recovery cause mac-limit" but where it will get its mac-limit? Is it on "switchport port-security maximum <number>"?
What will be the cons of using "errdisable recovery cause mac-limit"?
The procedures you provided is for setting up email alert.
The current situation is that any hosts that affected by intrusions are sending email alerts.
We want to happen is that if there are intrusions only for DMZ servers that is the time it will ...
