Intrusion Prevention

  • 1.  IDP policy

    Posted 01-01-2010 03:57

    I want to ask:

     

    1- What is the difference b/w action non and ignore?

    2- What is the difference b/w just logging and log packets?

     

    Thanks



  • 2.  RE: IDP policy
    Best Answer

    Posted 01-01-2010 11:46

    Hi,

     

    Q1: both no action but ignore also ignores remainder of session, no further scanning.

     

    Q2: Logging logs the match on a signature (Found this or that) log packets save some packets around the attack for further analyses with e.g. wireshark



  • 3.  RE: IDP policy

    Posted 01-02-2010 13:00

    Thanks