IBM Security Network Protection does not detect ping echo replies
When configuring a rule to detect ICMP echo replies (type 0, code 0), the rule does not work. Rules to detect ICMP echo requests (type 8, code 0) work as expected.
Resolving the problem
This is a known defect with no current resolution. Echo replies are associated with their respective requests. A rule matching echo requests will also match echo replies, since they are treated as related packets in a single flow.
|Security||IBM QRadar Network Security||Documentation||Firmware||5.4|
More support for:
IBM Security Network Protection
Network Access Policy
Software version: 5.3.1, 5.3.2, 5.3.3
Operating system(s): Firmware
Reference #: 1644593
Modified date: 29 July 2013
Translate this page: