Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

CISCO IPS_Query

Hi Team,

Is that possible to block traffics based on Source and destination in Cisco IPS 4200 series sensor.

IPS is installed in promiscous mode.

regars

Rajesh

4 REPLIES
New Member

Re: CISCO IPS_Query

Does anyone have answer to my query

Gold

Re: CISCO IPS_Query

yes, you can "shun" to a cisco firewall (PIX or ASA) or a cisco router. In both cases the IDS sensor will populate an ACL to block your attacker. You need to have some signatures action set to "shun" and of course enter the router/firewall information (IP, username, password) into your sensor.

New Member

Re: CISCO IPS_Query

Could you explain me.

Gold

Re: CISCO IPS_Query

Here's a good configuration guide to shunning with a 4200 series IPS sensor and a router.

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_example09186a00801c0e3c.shtml

Here are some other useful IPS config guides:

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/prod_configuration_examples_list.html

156
Views
5
Helpful
4
Replies