| Description | This table lists those clients whose data packets
are to be blocked as requested by the IPS sensor
due to the detection of attacks at layer 3 to
layer 7 involving the particular client.
This table has an expansion dependent relationship
with cLIdsIpsSensorConfigTable. There may exist one
or more rows corresponding to the row for each
sensor configured through cLIdsIpsSensorConfigTable.
An entry is added to this row by the agent when the
controller receives the block request from one of
the IPS sensors configured through
cLIdsIpsSensorConfigTable. The controller sends
the ciscoLwappIdsShunClientUpdate notification
to indicate that the controller shall be blocking
the particular client for a period equal to
cLIdsClientTimeRemaining.
The entry corresponding to a particular client is
removed when one of the following happens.
(i) When the configuration about the particular
IPS sensor is removed from the controller, either
through an explicit management action initiated
through the NMS or when the controller reboots.
(ii) When the remaining time period for which the
client will be blocked as indicated by
cLIdsClientTimeRemaining, expires.
(iii) When the IPS sensor explicitly requests the
controller to stop blocking the client's data
packets.
The controller sends the ciscoLwappIdsShunClientUpdate
notification with cLIdsClientTimeRemaining equal to
0 to indicate that the client won't be blocked any
further, on one of the three conditions for entry
removal mentioned above. |