Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1432
Views
5
Helpful
2
Replies

IPS with Anomaly Detection

alsayed
Level 1
Level 1

‎05-17-2010 06:55 AM - edited ‎03-10-2019 04:59 AM

Hello guys!


Anomaly-detection algorithm detectand stop zero-day threats

Does the above means that no attack may Happend when we have used the anomaly detection on the IPS?

Thanks

Labels:
0 Helpful
2 Replies 2

Scott Fringer
Cisco Employee
Cisco Employee

‎05-17-2010 09:18 AM

No, this does not mean that no attack can happen when the anomaly detection functinality is in use.  It does allow the IPS sensor to better determine the possible activity of a wormspread across your network.  The anomaly detection component lets the sensor  learn normal activity (baseline) and in turn send alerts or take dynamic response actions  for behavior that deviates from what it has learned.

  You can find out more about the IPS anomoly detection engine here:

http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/idm/dmAD.html#wp1184302

Thanks,

Scott

alsayed
Level 1
Level 1
In response to Scott Fringer

‎05-23-2010 07:23 AM

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card