Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

What are the limitations for shunning devices

I remember that I read for older releases, that the IDS system can only shun ip addresses if the ACL of the router is controlled by the IDS only.

I guess that this changed. What is the current status ? Can anybody give me a link to the list of devices (firewall/router) that are supported (sensor is a Cisco Secure IDS 42...) and the limitations ?

Thank you

1 REPLY
Cisco Employee

Re: What are the limitations for shunning devices

Here is a link to the currently supported devices:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids8/13870_01.htm#xtocid20

The main limitation for routers and switches is that IDS must be the sole

controller of the interface/directions which have been configured

for shunning. This has not changed since the older releases.

This does not apply to PIXes however. IDS uses a new shun command

on the PIX, so users can modify PIX ACLs whenever they wish.. The

main limitation for PIXes is that network shuns (as opposed to host shuns)

are not supported.

210
Views
0
Helpful
1
Replies
CreatePlease login to create content