anyone has any sample configurations ? i just look at look at pdf guide and could not understand it.
a few questions too.
1. The IPS signature id 13000 +- is using 'traffic anomaly engine' , it is related to AD settings ? is it correct to say that?
2. How do i link between AD & 'traffic anomaly engine' signatures? if i assume 1. is correct
3. I need to create a 'traffic anomaly' ip rule to alert me if there's a sudden surge of traffic. would this be possible via cisco ips ?
i would appreciate any help as there seems to be limited information about these in cisco website