Preferred method for blocking a source IP on IPS 7?
Is there any advantage to creating a custom atomic signature that blocks the IP address vs making a host block that does not time out? Seems to me the first would give a lot more logging options, but the second method would be a bit simpler for engineers to maintain. Is there an official prefered method? Basically for manual blacklisting.
Re: Preferred method for blocking a source IP on IPS 7?
Do you want to block ALL the traffic from a static IP address?
I'm not so sure that an IPS Sensor is the proper platform for manual blacklisting. Wouldn't you rather use your firewall or router that already has static ACLs? Either of them can log attempts.
The IPS can capture packets, but if you're blocking connections, you will only get to see one side attempt to initiate a connection. Using a custom signature that will fire every time a known bad actor attempts a connection could be a waste of sensor resources.
Maybe I don't understand what you're trying to achieve.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...