CCNP Security IPS 642-627 Official Cert Guide by Keith Barker, Odunayo Adesina, David Burns

Chapter 13. Managing False Positives and False Negatives

A Cisco Intrusion Prevention System (IPS) becomes suspect and loses trust when it generates many false alarms. This chapter discusses methodologies to tune and tweak the sensor to manage and reduce the number of false positives and false negatives. In this chapter, you learn the following:

Identifying False Positives and False Negatives: Understanding when the sensor is setting off alarms when it shouldn’t be, or missing malicious traffic when it should be firing off alarms, is a critical first step in tuning the sensor for the network.

Tuning to Reduce False Positives: Reducing or eliminating the erroneous alerts generated by the sensor.

Tuning to Reduce False Negatives: By adapting ...
