2 Comments

  1. shaktavist
    August 15, 2019 @ 3:49 am

    What are your thoughts for someone that maybe using balanced security for IPS in Production? How do can you safely test a more secure level above? My understanding from this is you would have to uncheck the option drop when inline for a while?

    Reply

    • Todd Lammle
      August 15, 2019 @ 8:21 am

      Yes, its pretty simple. Just change your base policy to SoC and uncheck the Drop while inline. Spend a couple days or so adjusting the rules that show they would have dropped making sure they weren’t false positive, and then check the drop while in line box, save and redeploy.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *