Using the
Master Blocking Sensor
We previously discussed master blocking and its methods for
securing various entrances to our networks. If we have a large network with
master blocking in place, our sensors will dynamically update each other to
protect all entries before an attack can reroute and attempt to regain access.
Lets take a look at how this option can be configured.
Select a sensor that will use master blocking from the Network
Topology Tree in the left pane of the Cisco Secure Policy Manager. Select the Blocking tab and the Master Blocking Sensor
subtab. The Master Blocking Sensor subtab can be seen in Figure 8.9. In this area,
we can see the sensors, if any, that are currently serving as this sensors
master blocking sensors.
Select the Add button which will open the
Blocking Sensor Selection window, this can be seen in figure 8.10. From this
window, select the name of the sensor that has been chosen to be a master
blocking sensor and select OK. In this example, we see that
Sensor3 is our only option.
Now select OK and click Save to save the new settings. From here, we need to update and
distribute, or push, our new configuration files as mentioned earlier. Again,
this is performed by using the Update and Approve Now buttons under the Command tab of
our sensors.
Sections
Comments (0 posted)
Syndication
