My question concerns the way to send SNMP traps as an alert format.
I am totally aware that the AIP-SSM/IPS 4200 does not support syslog as an alert format.
The default method is through SDEE, but I really don't want to use MARS to get my security events (I have more than 10 devices, so don't think about IME).
I've read that I have to configure individual signatures in order to generate an SNMP trap as an action to take when they are triggered.
So is this correct?:
Is it possible to enable it "globally"? For example for all signatures with a level higher than informational? Is it done with this option? :
What is the first action "deny packet inline"? Is it really done because I am using the AIP-SSM in promiscuous mode...
Thanks a lot!