Hi all,
I am currently in the process of configuring the machine with the CSPM
2.2, I was wondering if someone from the group has any experience with that
machine, although it works I am still having some unresolved issues in that
matter.
The Sensor, a 4220 IDS machine is snooping the network and it suppose to
either reset, block or both.
>From my tests I have discovered some problems with it operation like:
1. Tcp resets don't work well, it doesn't intercept all the TCP connections
and reset them.
2. Connection shunning is very limited and it allows the first connection to
pass through.
3. The shunning that the Sensor is issuing aren't port specific.
4. The shunning cannot be configure to be performed on the PIX it self, a
thing that limits the effect of the IDS in a very dramatic way.
5. The logging are very poor in details.
Those are my impressions and I hope that someone prove me wrong.
Waiting for some input
Gil
CCNA/CCDA/CCSE
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
