It seems that when I update a sensor, be it through deploying modifications or signature updates, that I have to go through a whole new process to get SECMON to start reporting again.
I know it takes some time for signature updates to start reporting again and it is wise to stop the sniffing interface if the sensor is really busy, but how long is long. Is there a set amount of time I should wait? Also, is there something I can do to speed the process up. Obviously this is not something I should do in the evening when we are attempting to halt suspicious activity.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...