Chapter 19
Incident Investigation and Mitigation
Mitigation
Figure 19-8
Incident Detail Page Displaying Red Mitigation Icon
Step 3
Click the red path information icon in the Path/Mitigation column.
The Mitigation pop-up window appears, with any possible Static topology and mitigation information,
as shown in
Figure
19-9.
CS-MARS recommends enforcement devices and mitigation commands. For static information, if the
network is entirely discovered and CS-MARS has command level access to a Layer 2 enforcing device,
the Push button appears red, otherwise it is gray. In
Figure
19-9, CS-MARS does not have sufficient
static information to identify a Layer 2 enforcement device, but can suggest mitigation commands for
discovered Layer 3 devices (Cisco PIX firewall, and a Cisco router). Layer 3 mitigation commands must
be configured manually on the Layer 3 devices.
User Guide for Cisco Security MARS Local Controller
19-12
78-17020-01