CORRECT TEXT You have a requirement to further analyze lower risk events across that same network segment by capturing traffic for later inspection



Answer: Steps are in Explanation below:

Explanation:

First, enable the Gig 0/0 and Gig 0/1 interfaces:

Second, create the pair under the “interface pairs” tab:

Then, apply the HIGHRISK action rule to the newly created interface pair:

Then, apply the same for the MEDIUMRISK traffic (deny attacker inline):

Finally, log the packets for the LOWRISK event:

When done, it should look like this:


