Information
Enables intrusion prevention with the IP audit feature on untrusted interfaces.
Intrusion prevention is an additional feature in which the security appliance audits traffic to identify vulnerability exploits by matching specific signatures in that traffic. There are two types of signatures: attack signatures, for traffic intended to harm an internal resource, and informational signatures, for traffic that gathers information about internal resources through port scans, ping sweeps, DNS zone transfers and many others. The possible actions to prevent the intrusion are to drop the traffic, to reset the connection or to send an alarm.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
Configure Intrusion Prevention settings with Firepower Management Center:
Step 1 - Choose Policies > Access Control > Intrusion.
Step 2 - Manage your intrusion policy
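
To review this control from a saved ASA running configuration, the following added example (not part of the benchmark or of Nessus) reports untrusted interfaces that lack an IP audit policy for either signature type. It assumes the ASA CLI forms "ip audit name <policy> {attack|info} action ..." and "ip audit interface <nameif> <policy>"; the sample configuration, the policy names and the choice of which interfaces count as untrusted are constructed for illustration, and requiring both signature types per interface is this example's assumption.

```python
import re

# Constructed sample of "show running-config" output (not taken from the page).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 nameif outside
 security-level 0
!
interface GigabitEthernet0/1
 nameif dmz
 security-level 50
!
ip audit interface outside ATTACK_POL
ip audit interface outside INFO_POL
ip audit interface dmz INFO_POL
ip audit interface dmz GHOST_POL
ip audit name ATTACK_POL attack action alarm drop reset
ip audit name INFO_POL info action alarm
"""

NAME_RE = re.compile(r"ip audit name (\S+) (attack|info)\b")
IFACE_RE = re.compile(r"ip audit interface (\S+) (\S+)")


def audit_ip_audit(config, untrusted):
    """Return {nameif: [missing signature types]} for the untrusted interfaces.

    `untrusted` is supplied by the reviewer: which interfaces are untrusted
    is site-specific and cannot be derived from the configuration alone.
    """
    policies = {}  # policy name -> "attack" or "info"
    applied = {}   # nameif -> list of policy names bound to it
    for raw in config.splitlines():
        line = raw.strip()
        m = NAME_RE.match(line)
        if m:
            policies[m.group(1)] = m.group(2)
            continue
        m = IFACE_RE.match(line)
        if m:
            applied.setdefault(m.group(1), []).append(m.group(2))
    findings = {}
    for nameif in untrusted:
        # A binding to a policy that is never defined gives no coverage.
        have = {policies[p] for p in applied.get(nameif, []) if p in policies}
        missing = sorted({"attack", "info"} - have)
        if missing:
            findings[nameif] = missing
    return findings


if __name__ == "__main__":
    print(audit_ip_audit(SAMPLE_CONFIG, ["outside", "dmz"]))
```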