Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

IPS/IDS demo on Meraki MX

Avdhesh
Here to help
‎Apr 1 2023 2:46 AM
‎Apr 1 2023 2:46 AM

IPS/IDS demo on Meraki MX

Hi All,

 

we have to present a demo to one of our client looking for Meraki SDWAN . the catch is they want to see IPS/IDS functionality as well. how do we show them the Hits against IPS/IDS rules.

also please suggest if MX devices have anti-bot features as well.

Labels:
0 Kudos
Subscribe
2 Replies 2
Brash
Kind of a big deal
Kind of a big deal
‎Apr 1 2023 3:18 AM
‎Apr 1 2023 3:18 AM

A common method to test IPS is download the EICAR test file. You would then be able to see the detection/prevention in the security center logging.

Additionally some other methods have been mentioned in the following post

https://community.meraki.com/t5/Security-SD-WAN/Simulate-Intrusion-Attack/m-p/82116

 

As for your other question, IPS does include identified botnet traffic

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Threat_Protection#Intrus...

Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 2 2023 12:34 PM
‎Apr 2 2023 12:34 PM

@Brash has the best answer.

 

Shorter answer, the IPS should block this URL.  It is a standard test virus (it's not really a virus, just a test one).

http://www.eicar.org/download/eicar.com.txt 

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.