Unanswered Question
Aug 5th, 2008
User Badges:

Hi Team,

Is that possible to block traffics based on Source and destination in Cisco IPS 4200 series sensor.

IPS is installed in promiscous mode.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Sec IT Wed, 08/06/2008 - 01:45
User Badges:

Does anyone have answer to my query

rhermes Wed, 08/06/2008 - 08:36
User Badges:
  • Gold, 750 points or more

yes, you can "shun" to a cisco firewall (PIX or ASA) or a cisco router. In both cases the IDS sensor will populate an ACL to block your attacker. You need to have some signatures action set to "shun" and of course enter the router/firewall information (IP, username, password) into your sensor.


This Discussion