I realize that SSH is encrypted and that the IPS will not be able to detect the encrypted traffic, but I was wondering if there's an SSH connect string that could be added to block SSH with the IPS. The reason for this is that its too easy for clients behind ASL to tunnel to their home boxes to bypass the security policy on any open port.
Any suggestions?
This thread was automatically locked due to age.