Chapter 12. Signature Response

Upon completion of this chapter, you will be able to perform the following tasks:

  • Define IP blocking

  • Identify the types of managed devices

  • Identify the factors that impact IP blocking usage

  • Configure IP blocking using IDS Device Manager (IDM)

  • Configure IP blocking using Management Center for IDS sensors (IDS MC)

  • Define the master blocking sensor

  • Configure manual blocking using IDM

  • Configure IP logging using IDM

  • Configure IP logging using IDS MC

  • Define the TCP reset action

Signature Response Overview

By default, your Cisco IDS sensors analyze network traffic and generate alarms that your monitoring application retrieves and displays in a graphical interface. In some situations, however, it is beneficial to respond to intrusive ...

Get CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS) now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.