Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
246
Views
0
Helpful
1
Replies

about IDS test.

zoushan
Level 1
Level 1

‎07-01-2002 07:26 PM - edited ‎03-08-2019 11:16 PM

Hello,

I have currently deployed a ws-x6381-ids module with CSPM2.3i. The IDS is monitoring one port of a switch & the other is connected to a management VLAN.

I am now do some testing to verify whether our ids system work well and What the ids can do ?How can I do that?

Labels:
0 Helpful
1 Reply 1

yusuff
Cisco Employee
Cisco Employee

‎07-01-2002 09:52 PM

In order to test if your IDS is receiving alarms, you need to generate false alarms, for eg; you can configure CSPM that if someone pings i.e. 'icmp-echo' request, you should see a Level 5 alarm.

Modify the signature database on CSPM for the echo-request signature to Level 5 and then push the config to sensor. Then do a ping test and check the Event Viewer if you see Level 5 alarms.

HTH

R/Yusuf

0 Helpful
Customers Also Viewed These Support Documents