2 Replies Latest reply on Jun 13, 2017 10:48 PM by hogehoge989

    "Null" Policy Question - Baseline Policy(Sensor) between Interface Policy 1A-1B and Sub Interface VLAN.

    hogehoge989

      Hello, Please advise us behavior about NULL policy in Sub-Interface VLAN scenario ?

       

      Sensor Policy:ALL Inclusive with audit

      Interface Policy 1A-1B:Default Inline IDS

      Sub Interface Policy:VLAN 200 : NULL

       

      If we create null policy for VLAN ID 200 and if traffic match.

       

      then traffic will be thru the Sensor with No DETECTION ? and No scan in All Inclusive with audit in Sensor body policy ?

       

      which scenario is correct behavior ?

      1 .vlan traffic:200 ---> sub interface policy ->  sensor policy:all inclusive with audit 

       

      or

      2. vlan traffic:200 --> sub interface: vlan 200:null policy-> Ignore this traffic because of Null policy match. So VLAN 200 traffic will not go Sensor body Policy:All inclusive with audit.

       

       

      Does anyone know which one ?