Cisco IPS anomaly engine

Unanswered Question
May 28th, 2009
User Badges:

hi,

anyone has any sample configurations ? i just look at look at pdf guide and could not understand it.


a few questions too.


1. The IPS signature id 13000 +- is using 'traffic anomaly engine' , it is related to AD settings ? is it correct to say that?


2. How do i link between AD & 'traffic anomaly engine' signatures? if i assume 1. is correct


3. I need to create a 'traffic anomaly' ip rule to alert me if there's a sudden surge of traffic. would this be possible via cisco ips ?



i would appreciate any help as there seems to be limited information about these in cisco website



Thanks!


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
yuliang13 Wed, 06/03/2009 - 22:20
User Badges:

anyone can help me to fully utilize this function ? thanks

Actions

This Discussion