CCSP SECUR Exam Cram 2 (642-501)

CBAC configurations can be complex, and it is highly advisable to test all CBAC configurations thoroughly before implementing CBAC in a production network.

Audit Trails and Alerts

Alert messages are enabled by default and appear on the router's console. To disable this feature, use the following command:

Router(config)# ip inspect alert-off

Sometimes, Cisco comes up with "interesting" commands, and this command is one of them. The ip inspect alert-off disables alert messages. However, how do you re-enable the sending of CBAC alert messages to the router's console?

To re-enable alert messages to the router's console, use the following command:

Router(config)# no ip inspect alert-off

The other type of messaging makes CBAC send audit trail messages to a syslog server. To enable this feature, you need to issue one command:

Router(config)# ip inspect audit-trail

CBAC audit trail messages are disabled by default. Use the ip inspect audit-trail command to enable them.

Related

Категории