* IPS enabled and restarted the host box. Also done several IPS app restarts.
* Run the IPS setup wizard. Results in 22,330 log rules enabled
* For attempted-recon classtype I manually checked block for 27 rules
* When I go to Reports > All Events log I see a good log and status page has 1000's of sessions scanned and 0 blocked
* Rules that are blocked in the rules list never show as blocked in the report (false). I am using a rule (SID:7, GID:122, CID:4) that is getting hit every couple of minutes so I am expecting it to be blocked, but never does.
- NG Firewall
- Solutions by Industry
- Solutions by Issue