Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

IOS FW/IPS on a 2651XM best practices

I have a 2651XM with 128MB and I'm trying to figure out what the best practices are as far as IPS is concerned. I downloaded the latest SDF and I'm trying to load all the threats (excluding the disabled ones) via SDM but for some reason the number that's actually gets applied is always lower than the original number listed when I first select them. I can see that the router runs out of memory while loading the definitions but I'd guess that that's normal. This happens even if I just try to load the ones with High severity. Am I doing something wrong? What's a good number of definitions given the the specs of my router. Also, can I automatically block all packets matched against IPS. Are the built-in definitions a waste of time or should I be using those?

Also, how would I go about creating my own SDF - I can see that hey come in XML format.

Thanks in advance!


Re: IOS FW/IPS on a 2651XM best practices

you can use this link for a bereinformaiom.

CreatePlease to create content