05-17-2010 06:55 AM - edited 03-10-2019 04:59 AM
Hello guys!
Anomaly-detection algorithm detectand stop zero-day threats
Does the above means that no attack may Happend when we have used the anomaly detection on the IPS?
Thanks
05-17-2010 09:18 AM
No, this does not mean that no attack can happen when the anomaly detection functinality is in use. It does allow the IPS sensor to better determine the possible activity of a wormspread across your network. The anomaly detection component lets the sensor learn normal activity (baseline) and in turn send alerts or take dynamic response actions for behavior that deviates from what it has learned.
You can find out more about the IPS anomoly detection engine here:
http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/idm/dmAD.html#wp1184302
Thanks,
Scott
05-23-2010 07:23 AM
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide