I currently have a Cisco IPS 4240 employed inline in my Customers Network. It is inside of the border Router, and in front of the Outside Firewall which protects the DMZ.
the IPS is already configured to block certain types of packets inline. I was reading about blocking and the ability of the IPS Sensor to not only manage other devices (both our border router which is a 3825 and our ASA which is a 5520) are capable of being managed for blocking purposes).
Can someone give me a practical example of why I might want to configure either the border router or the ASA to block for the Sensor?
I think that capability existed before the inline existed. However, there still may be good reasons to use it. You could deny an attacker at the border [and any other border] and prevent packets from hitting networks and devices that are either before the IPS or not protected by it inline at all.
That's a good answer. My customer does not have any devices between the border router and the IPS, so perhaps we do not need to use any blocking... what about blocking things coming from inside networks? We have a DMZ that is separated by ASA's on both sides, and both of these are inside of the IPS unit?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...