Operational impact of putting SSM-IPS into inline mode?

Unanswered Question
May 27th, 2009

Greetings all. I wanted to ask if anyone could speak on the behest of the operational impact caused by putting an SSM IPS card into inline mode? In specific I'm talking about the act of switching it on and the effect on traffic the instant it's enabled.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
BrinksArgentina Thu, 05/28/2009 - 11:07

I remember that all active connections are closed. This happend when IPS switchs form bypass to inline or vice versa.

But you can test redirecting only test traffic using an ACL.

</p><p>access-list toIPS permit ip host yourpc any</p><p></p><p></p><p>!</p><p>class-map my_ips_class</p><p>match access-list IPS</p><p>class-map all_traffic</p><p> match access-list toIPS</p><p>class-map inspection_default</p><p> match default-inspection-traffic</p><p>!</p><p>!</p><p>policy-map my-ids-policy</p><p> class my-ips-class</p><p>  ips promiscuous fail-close</p><p>!</p><p>service-policy my-ids-policy global</p><p>


Please rate all the helpful comments.


This Discussion