Auto-update of IPS rules

Unanswered Question
Feb 9th, 2007

Is there a way to let IPS automatically update with new rules delivered by Cisco or an other trusted source ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
tobiaseichner Sat, 02/10/2007 - 04:55

Sorry, I had better provided more information about the router and software I use: It is a Cisco 1712 with SDM 2.2 installed.

All I currently can do is to add new SDF files, but I guess that this is no auto-updating process running regularly.

Is there any add-on or something similar that works for my case ?

tobiaseichner Sat, 02/10/2007 - 05:29

Here is a screenshot. I have added the attack-drop.sdf file as recommended by Cisco's website. Is there anything more I can do ? I guess this adds just default rules, but does not update them regularly.

And may I ask a follow-up question: Is there a way to let the router notify me by e-mail when an intrusion is detected/prevented ? I see the log file ("Monitor", "Logging"), but can't find a way to get notified.

Attachment: 

Actions

This Discussion