07-15-2009 02:00 PM - edited 03-10-2019 04:42 AM
hi
I'm reviewing the situation next three traffic zones outside, inside, DMZ,
service-policy xxxx-policy interface outside
service-policy xxxx-policy interface inside
service-policy xxxx-policy interface dmz_stgo
and I need to lower the level of examination but only in one area, which is the area inside,
such outside high-DMZ
DMZ-outside high
inside low-DMZ
07-15-2009 02:14 PM
Please give us some additional detail on whatyou mean by "lower the level of examination" on one of your interfaces. Did you want to apply a subset of the signatures? (then you'd go down the virtual sensor path) Or, did you want to filter the IP addresses/port reaching the sensor on that interface? (then you'd adjust the class-map ACL)
07-15-2009 02:48 PM
ok I have a situation where some companies want to change but the signatures are applied only to traffic from inside to DMZ
and the class-map
access-list xxxx permit ip any any
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: