CCSP IPS Quick Reference

Chapter 4. Advanced Configurations

Advanced Tuning

You should have the following information before you attempt advanced tuning:

The network topology
The network address space
Which inside addresses are static and which are DHCP
The operating system running on the servers
Applications running on servers
The overall security policy

Sensor Configurations

The location of the sensor is important for tuning considerations. The nature of the traffic that the sensor monitors will vary, and so will the security policy that the sensor interacts with. When the sensor is outside the firewall, for example, you should avoid assigning a high severity level to any single event. Also, turn off all response actions, and use the sensor to look for trends that ...

Get CCSP IPS Quick Reference now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CCSP IPS Quick Reference by Anthony Sequeira

Chapter 4. Advanced Configurations

Advanced Tuning

Sensor Configurations

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly