Intrusion Prevention

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  IDP policy

    Posted 01-01-2010 03:57

    I want to ask:

     

    1- What is the difference b/w action non and ignore?

    2- What is the difference b/w just logging and log packets?

     

    Thanks



  • 2.  RE: IDP policy
    Best Answer

    Posted 01-01-2010 11:46

    Hi,

     

    Q1: both no action but ignore also ignores remainder of session, no further scanning.

     

    Q2: Logging logs the match on a signature (Found this or that) log packets save some packets around the attack for further analyses with e.g. wireshark



  • 3.  RE: IDP policy

    Posted 01-02-2010 13:00

    Thanks