A customer has purchased from us a IPS 4240 box.
I recently configured the box. It will monitor the customers Network in the following configuration:
1 Inline Interface pair created from G0/0 and G0/1. Traffic from the customers edge moves in on the IN (G0/0) interface and then in turn exits out to our Outside Perimeter Firewall which guards the customer DMZ.
We have scheduled the Inline Interfaces to be connected this evening.
I have a question regarding this installation:
1) We have the default "vs0" Virtual Sensor assigned to the Inline Interface Pair. If in fact any Positives are identified, where in IDM would I be able to see what is happening...(very important as in case of False Positives, I have to be able to get traffic moving again.