2 Replies Latest reply on Jun 13, 2017 10:48 PM by hogehoge989

    "Null" Policy Question - Baseline Policy(Sensor) between Interface Policy 1A-1B and Sub Interface VLAN.


      Hello, Please advise us behavior about NULL policy in Sub-Interface VLAN scenario ?


      Sensor Policy:ALL Inclusive with audit

      Interface Policy 1A-1B:Default Inline IDS

      Sub Interface Policy:VLAN 200 : NULL


      If we create null policy for VLAN ID 200 and if traffic match.


      then traffic will be thru the Sensor with No DETECTION ? and No scan in All Inclusive with audit in Sensor body policy ?


      which scenario is correct behavior ?

      1 .vlan traffic:200 ---> sub interface policy ->  sensor policy:all inclusive with audit 



      2. vlan traffic:200 --> sub interface: vlan 200:null policy-> Ignore this traffic because of Null policy match. So VLAN 200 traffic will not go Sensor body Policy:All inclusive with audit.



      Does anyone know which one ?