Threat protection on a specific VLAN

Mr-cook
Here to help

Threat protection on a specific VLAN

Hi,

 

Could we enable Threat protection on a specific VLAN instead of all Vlans please ?

 

regards,

4 Replies 4
Nash
Kind of a big deal

Unfortunately, by default this is applied across everything the MX sees. If you need more granularity than that, you'll need an additional device.

 

You can try asking support if they can disable it for only one vlan. No idea what their answer would be.

SoCalRacer
Kind of a big deal

Threat protection includes AMP, which can be turned off by VLAN, you can use a Group Policy and apply the group policy to a specific VLAN.

 

I don't think there is a way to turn off IDS though.

Nash
Kind of a big deal

I should have specified, I was thinking of the IDS/IPS. I think of AMP as AMP. 

 

Didn't realize you could disable AMP by vlan via group policy. That could be useful.

SoCalRacer
Kind of a big deal

We use it a lot for client either blaming AMP if they know what it is or saying they can't get to something (Software updates seems to be the most frequent). We use a group policy to turn AMP off and then apply it to their device. If it fixes the issue and is able to be reproduced then we add AMP whitelist to main settings and remove device from that policy.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels