• Home
  • Systems
  • Networking
  • WordPress
  • Web
  • Geekery

Analysis and Review

Cisco IPS Global Correlation

July 9, 2009 by Kurt Turner

Why you need to upgrade to the latest IPS Software 7.0

Global Correlation

We have needed this, wanted this, and have lived without it for long enough. Global Correlation (Cisco GC) builds a database of network devices that have a reputation for malicious activities. When a host which is monitored by your Intrusion Prevention System sees a known malicious device it will take action against it based on preconfigured rules.

Cisco IPS Global Correlation
Cisco IPS Global Correlation

You have to configure DNS after you upgrade to 7.0 which will allow the IPS global correlation to obtain reputation data. The reputation data contained in the Global Correlation updates is factored in to the analysis of network traffic, which increases IPS efficacy. The participating IPS devices send data back in to the Global Correlation database, which results in a feedback loop that keeps the updates current and global. Naturally one can configure the sensor to participate in the Global Correlation updates and or in sending telemetry data or you can turn both services off.

How to configure global correclation in your cisco IPS can be found here for CLI and here for IDM.

Filed Under: Networking

Latest and Greatest

Apache vs Nginx for WordPress

Certbot Lets Encrypt And WordPress MU Multi-Site

How To Find and Replace Multiple File in MS Word

How To Get Stretch Res on Windows 10 AMD Radeon For Game Play

This is the ASUS Chromebox we've been running for 2 years as our "brain" for our home grown digital display kiosk.

DIY Digital Signage Bulletin Board or Kiosk

© Copyright Analysis And Review · All Rights Reserved ·