Hi security gurus!
Can someone please shed me more light on the value of Global Correlation and Network Participation available at IPS 7.x
We've enabled it on the clients IPS appliances and now the only information I see is some cryptic reports seen at IDM gadgets.
It says that the reputation filtering is 100% under Percentage of malicious packets indentified. So what ?
How would I know exactly what those packets are and where did they come from?
Other metrics are Global Correlation inspection and Traditional IPS Detection techniques are 0%
What does it mean? Doesn't something work ? Why are they 0% ?
How is this normally sold to the customer if there's no credible information about it?