Hello All, In the lab, suppose the IPS task asks us to log all ICMP echo packets and fire an alert with "high" severity . I was wondering we are expected to head down to the event-action filters section and add a filter for that particular signal ? ( to prevent the packets from getting dropped in-line )?
Cheers, TacACK
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
