Manuel d'utilisation / d'entretien du produit IPS4520K9 du fabricant Cisco Systems
Aller à la page of 460
Americas Headquarters Cisco System s, Inc . 170 West Tasm an Drive San Jos e, CA 95 134-1706 USA http://www .cisco .com Tel: 408 526-4000 800 553- NETS ( 6387) Fax: 408 527-0883 Cisco Intrusion P re v ention S ystem Appliance and Modul e Installation Guide f or IPS 7 .
THE SPECIFICATIONS AND INFORM ATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOU T NOTICE. ALL STATEMENT S, INFORMATI ON, AND RECOMMENDATI ONS IN TH IS MANUAL ARE BELIEVED TO BE ACCURATE BUT A RE PRESEN TED WITHOUT WARRANTY OF ANY KIND, EXPRES S OR IMPLIED.
iii Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 CONTENTS About Th is Guide xv Content s xv Audienc e xv Comply wit h Local and Nation al E.
Cont ent s iv Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Connect ing an Ap pliance to a Termina l Serve r 1-22 Time So urces and t he Senso r 1-.
Content s v Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Hardwa re Bypa ss 4-4 4GE By pass In terf ace Car d 4-5 Hardwa re Bypa ss Co nfigu.
Cont ent s vi Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Removing and Replac ing the Chas sis Cover 5-39 Accessi ng the Diag nosti c Panel 5-42 .
Content s vii Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Removing and Insta lling th e Core IPS SSP 7-14 Removing and Insta lling th e Po.
Cont ent s viii Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Insta lling SF P/SFP+ Modules 9-11 Verif ying the St atus of the ASA 5585-X IPS SSP 9.
Content s ix Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Underst andi ng Licensi ng C-9 Servic e Pr ograms f or I PS Pro ducts C-9 Obtain .
Cont ent s x Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Underst andi ng Prevent ive Maint enance E-2 Creati ng and Usi ng a Backup Config uratio.
Content s xi Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Phys ical Conn ectivi ty, SP AN, or VACL Po rt Issue E-29 Unable t o See Alerts E.
Cont ent s xii Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Failo ver Sce narios E-63 Health and Stat us Informa tion E-64 The ASA 5500- X IPS SSP.
Content s xiii Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 10/100B aseT and 10/100 /1000Bas eT Conne ctors F-1 Consol e Port ( RJ-45) F-2 .
Cont ent s xiv Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01.
-xv Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 About This Guide Published: March 31, 2010 Revised: May 6, 2013, OL-24002-0 1 Contents This gu ide desc ribes how to install ap pliances a nd m odules that support Cisco IPS 7.
-xvi Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter Contents Comply with Loca l and Nationa l Electrical Cod es War nin g Installation of the equipment must compl y with local and national electrical codes.
-xvi i Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter Conten ts Organization This guide includes the f ollo wing sections: Section T itle Description 1 “Introducing the Sensor” Describes I PS appliances and mo dules.
-xvi ii Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter Contents Conven tions This document uses the followi ng con ventions: Note Means r e ader ta ke no te . Ti p Means the following information will help you solve a pr oblem .
-xi x Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter Conten ts For a complete list of the Cisco ASA 55 00 series do cu mentation a nd whe re to find it, re fer to the following URL: http://www .
-xx Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter Contents.
CH A P T E R 1-1 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 1 Introducing the Sen sor Contents This cha pter introdu ces the sensor a nd provides inf ormation y ou should k now before you install the sensor .
1-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor How the Se nsor Functio ns Figur e 1 -1 Compr ehensiv e De ployme nt Solutions The com mand and control interf ace is al ways Eth ernet.
1-3 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 1 Introd ucing the Senso r Ho w the Sens or Functi ons • Generate IP session logs, session re play , an d trigger packets display .
1-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor How the Se nsor Functio ns • Filter out kno wn fa lse posit.
1-5 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 1 Introd ucing the Senso r Ho w the Sens or Functi ons Ther e are thr ee int erfac.
1-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor How the Se nsor Functio ns Sensing Interfaces Sensing inter faces are used by the sensor to analy ze traff ic for secu rity violations.
1-7 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 1 Introd ucing the Senso r Ho w the Sens or Functi ons ASA 5500 AIP SSM -40 — Gi.
1-8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor How the Se nsor Functio ns IPS 4255 — GigabitEthernet 0/0 G.
1-9 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 1 Introd ucing the Senso r Ho w the Sens or Functi ons IPS 4270 -20 2SX Slot 1 Slo.
1-10 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor How the Se nsor Functio ns Note The IPS 4260 supports a mixture of 4GE- BP , 2SX, and 10GE car ds.
1-11 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 1 Introd ucing the Senso r Ho w the Sens or Functi ons TCP Reset Interfaces This section explains the T CP reset interf aces and wh en to use them.
1-12 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor How the Se nsor Functio ns Designati ng the Alte rnate TCP R.
1-13 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 1 Introd ucing the Senso r Ho w the Sens or Functi ons – For Gigabit copper int.
1-14 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor How the Se nsor Functio ns – The comman d and contr ol int erface canno t se rv e as the altern ate TCP reset interface fo r a sensing interface.
1-15 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 1 Introd ucing the Senso r Ho w the Sens or Functi ons • VLAN Gro up Mode, page 1 -18 • Deploying VLAN Groups, pa ge 1-18 Promiscuous M ode In promisc uous mod e, pac kets do not f low through the sensor .
1-16 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor How the Se nsor Functio ns The following configuration uses on e SP AN session to send all of the traf f ic on any of the specified VLANs to all of the specif ied ports.
1-17 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 1 Introd ucing the Senso r Ho w the Sens or Functi ons Figure 1-3 illustrates inl.
1-18 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor How the Se nsor Functio ns VLAN Group Mode Note The ASA IPS modules (ASA 5 500 AIP SSM, ASA 5500-X IPS SSP, and ASA 5585-X IPS SSP) do not support VLAN g roups mod e.
1-19 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 1 Introd ucing the Senso r Supp orted Sens ors Y ou ca n also connect applia nces between two switch es.
1-20 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor IPS Appliances For More Informatio n For instructions on how to obtain th e most recent Cisco IPS software, see Obtaining Cisco IPS Software, page C-1 .
1-21 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 1 Introd ucing the Senso r IPS Appliances Introducing th e IPS Applian ce Note The cur rently supported Cisco IPS app liances ar e the IPS 42 40, IPS 4255 , and IPS 42 60 [IPS 7.
1-22 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor IPS Appliances Appliance R estric tions The following restrictions ap ply to u sing an d operatin g the ap pliance: • The applian ce is not a general purp ose workstation.
1-23 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 1 Introd ucing the Senso r Time Sour ces and the Sensor Time Sources and the Senso r This section explains the importanc e of having a re liable time sour ce for the sensor s and ho w to correc t the time if there is an error .
1-24 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor Time Sources and the Sensor Verifying the Sensor is Synchr o.
1-25 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 1 Introd ucing the Senso r Time Sour ces and the Sensor T o ensure the inte grity o f the time sta mp on the ev ent records, you must clear the ev ent arch i ve of th e older ev ents by using the clear event s command .
1-26 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapte r 1 Intr oducing the Sen sor Time Sources and the Sensor.
CH A P T E R 2-1 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 2 Preparing th e Appliance for Installatio n Thi s chapte r des cribe s the s.
2-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 2 P reparing the Appliance for Installation Safety Recommen dations For More Informatio n • For ESD guidelines, see Electricity Safety Guidelines , page 2-2 .
2-3 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 2 Preparing the Ap pliance for Inst allation Safety R ecommen dations Foll ow thes.
2-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 2 P reparing the Appliance for Installation Safety Recommen dations Working in an ES D En.
2-5 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 2 Preparing the Ap pliance for Inst allation General Site Req uireme nts General Site Requirements This se ction describe s the re quirement s your site must me et for safe insta llation and o peration o f your IPS appliance.
2-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 2 P reparing the Appliance for Installation General Site Requirements Power Supply Consid erations The IPS 427 0-20 ha s an A C power supply .
CH A P T E R 3-1 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 3 Installing the IP S 4240 and IPS 425 5 Contents This c hapter desc ribes th.
3-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Product Overv iew Note The illustration s in this chapter sho w the Cisco IPS 4 240 appliance sen sor .
3-3 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Front and Back Pa nel Featu res Front and Back Pan el Features Note Although the graphics sho ws the IP S 42 40, the IPS 425 5 has the s ame front a nd back panel f eatures and indicators.
3-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Specifications Figure 3-3 sh o ws the four built-in Ethernet ports, which have tw o indicators per por t.
3-5 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Connecting the IPS 4240 to a Cisco 7200 Ser.
3-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Rack Mounting The IPS 4240 a nd IPS 42 55 acc esso.
3-7 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Installing the IPS 4240 and IPS 4255 Step 2 Use the supplied screws to attac h th e appli ance to the equip ment rack.
3-8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Installing the IPS 4240 and IPS 4255 T o in stall the IPS 4 240 and IPS 425 5 on the network, follo w these steps: Step 1 Position the appliance on the network.
3-9 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Installing the IPS 4240 and IPS 4255 Step 6 Connect the RJ- 45 connecto r to the console port and conn ect the other end to the DB-9 o r DB-25 connec tor on your co mputer .
3-10 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Insta lli ng the I PS 42 40-DC For More Informatio n • For more information on working with electr ical po wer and in an ESD en vi ronment , see Safety Recomm endation s, page 2-2 .
3-11 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Installing the IPS 4240-DC T o install the IPS 4240-DC, follow these steps: Step 1 Position the IPS 4240-DC on the n etwork.
3-12 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Insta lli ng the I PS 42 40-DC Step 9 Insert the g round wire into the co nnector for the ea rth gr ound and tighten the screw on the connec tor .
3-13 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Installing the IPS 4240-DC For More Inform.
3-14 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 3 Installing the IPS 4240 and IPS 4255 Insta lli ng the I PS 42 40-DC.
CH A P T E R 4-1 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 4 Installing the IP S 4260 Contents This c hapter d escribes IPS 4260, and co.
4-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Product Overv iew Note In IPS 7.1, rx/tx flow control is disab led on the IPS 4260. T his is a chang e from IPS 7.
4-3 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Suppo rted Int erf ace Cards • For more info rmation on installing and r emoving the power supply , se e Installing and R emoving the Po wer Supply , page 4-23 .
4-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Hardwa re Bypa ss Figure 4-2 shows the 2SX in terfa ce card.
4-5 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Hardware By pass 4GE Bypa ss Inte rface C ard The IPS 4 260 supp orts the 4-port Giga bitEthernet card ( part number I PS-4GE-BP-IN T=) with hardware bypass.
4-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Hardwa re Bypa ss The fo llowing configuration restri ctions apply to hardware bypass: • The 4-por t bypass card is only supported on the IPS 4260.
4-7 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Front and Back Pa nel Featu res Front and Back Pan el Features This section describe s the IPS 4260 f ront and ba ck panel features a nd indicators.
4-8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Front and B ack Panel Fe atures Figure 4-5 sh ows the back view of the I PS 4260.
4-9 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Specifi cations Ta b l e 4 - 3 lists the po wer supply indicator . Specificati ons Ta b l e 4 - 4 lists the specif ications for the IPS 4260.
4-10 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Accesso ries Accessories War nin g IMPO RT ANT SAFETY INSTRUC TIONS This warning symbol means dang er . Y ou are in a sit uation that could cause bodily injury .
4-11 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Rack Mo unting Installing the IPS 4260 in a 4-Post Rack.
4-12 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Rack Mounting Step 2 Attach the front-tab mounting bracket to the chassis with two 8-32x1/4’ SEMS scre ws. Y ou can flip the bracket to push the system forward in the rack.
4-13 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Rack Mo unting Step 4 Install the two outer rail subassemblies in the rack using eigh t 10-32x1/2” SEM S screws.
4-14 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Rack Mounting Installing the IPS 4260 in a 2-Post Rack T o rac.
4-15 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Rack Mo unting Step 3 Install the two outer rail subassemblies in the rack using twelve 10-32x1/2” SEMS screws or whatev er rack h ardwa re is n ecessa ry .
4-16 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Installing the IPS 4260 Step 5 Install four 8-32x7/16” SEMS screws through the clearance slots in the side of e ach outer rail a ssembly into the inner rail .
4-17 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Installing th e IPS 4260 T o install the IPS 4260 on the network, follo w these steps: Step 1 Position the IPS 4260 on the network .
4-18 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Installing the IPS 4260 Step 6 Connect the RJ- 45 connecto r to the console port and conn ect the other end to the DB-9 o r DB-25 connec tor on your co mputer .
4-19 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Removing and Repl acing th e Chassis Co ver Step 9 Initialize the IPS 4260. Step 10 Upgrad e the IPS 426 0 with the most re cent Cisco IPS s oftware.
4-20 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Removing an d Replacing the Chassis Cover Cautio n Follo w pro.
4-21 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Instal ling and Removin g Interf ace Ca rds Step 11 Power on the IPS 4260.
4-22 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Installing and Rem oving Interfa ce Cards Step 8 Remo ve the c ard car rier b y p ulling u p on th e tw o bl ue rele ase tab s.
4-23 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Installing and Rem oving the Power Supply For More Informatio n • For the pr ocedure for at taching po wer co rds an d cables to the I PS 4260, see Installing the IPS 4260, page 4-16 .
4-24 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Installing and Rem oving the Power Supply Step 5 Squeeze the tabs to remov e the filler plate. Step 6 Install the po wer supply .
4-25 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Installing and Rem oving the Power Supply For More Informatio n For the IDM pro cedure for resetting the IPS 4260, r efer to R ebooting the Sensor ; for the IME proced ure, refer t o Rebooting the Sensor .
4-26 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 4 Installing the IPS 4260 Installing and Rem oving the Power Supply.
CH A P T E R 5-1 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 5 Installing the IPS 427 0-20 Contents This chap ter de scribe s the IPS 4270.
5-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Product Overv iew War nin g This product relies on the buildi ng’ s installation fo r short-circuit (overcurrent) protection.
5-3 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Product Ove rview Media -rich en vironm ents a re ch aracter ized by c ontent , such a s that seen on po pular websites with video and f ile transfer .
5-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Supported Inte rface Cards • For more information on the 4GE b ypass interface card, see Har dwa re B ypas s, pa ge 5 -5 .
5-5 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Hardware By pass Figure 5-3 shows the 2SX in terfa ce card.
5-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Hardwa re Bypa ss 4GE Bypa ss Inte rface C ard The IPS 4270-2 0 supports th e 4-p ort GigabitEth ernet car d (part num ber IPS-4GE -BP-INT=) with hardware bypass.
5-7 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Hardware By pass The fo llowing configuration restr ictions apply to hardwa re bypass: • The 4-por t bypass card is only supported on the IPS 4270- 20.
5-8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Front and B ack Panel Fe atures Front and Back Pan el Features This se ction describe s the IPS 4270-2 0 front a nd back panel features, indicators, and internal comp onents.
5-9 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Front and Back Pa nel Featu res Ta b l e 5 - 1 describes the front panel switc hes and indicators on the IPS 4270-20.
5-10 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Front and B ack Panel Fe atures Figure 5-7 sh ows the back view of the I PS 4270- 20.
5-11 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Front and Back Pa nel Featu res Figure 5-8 shows the b uilt-in Ethernet port, which has tw o indicators per por t, and the po wer supply indicators.
5-12 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Front and B ack Panel Fe atures Off Flashing • AC p ow e .
5-13 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Front and Back Pa nel Featu res Figure 5-9 sh ows the internal comp onents.
5-14 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Diagnos tic Panel Diagnostic Pan el The front pan el health indicators only indicate the current hardw are statu s.
5-15 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Specifi cations For More Informatio n • For the location of the Diagnostic Pa nel in the IPS 42 70-20 ch assis, see Figure 5-9 on pa ge 5-13 .
5-16 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Accesso ries Accessories The IPS 427 0-20 accessori es kit .
5-17 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail System Kit No tools are requ ired fo r the round - and squa re-h ole rack s. Y ou may need scre ws tha t f it the threa ded-hol e rack and a driv er fo r those sc rews.
5-18 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail Sys tem Kit Installing the IPS 4 270-20.
5-19 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail System Kit Step 3 T o remove the chassis side rail, l ift the latch, and slide the rail forward.
5-20 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail Sys tem Kit Step 4 If you a re installing the IPS 4270- 20 in a sha llo w rack, one that is less than 28.
5-21 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail System Kit Step 5 Attach the sl ide assemblies to the rack. For round- and squ are-hole rac ks: a.
5-22 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail Sys tem Kit For threade d-hole ra cks: a. Remove the eight round- or square -hole studs on each slide a ssembly using a s tandar d scre wd ri v er .
5-23 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail System Kit b. Line up the brack et on the slide assembly with th e rack holes, install two screws (top and bottom) on ea ch end of t he slide asse mbly .
5-24 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail Sys tem Kit Step 6 Extend the slide a ssemblies out of the rack.
5-25 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail System Kit Step 7 Align the chas.
5-26 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail Sys tem Kit Step 9 Install th e electrical cables at the back of the IPS 4270-2 0.
5-27 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail System Kit T o extend the IPS 42.
5-28 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail Sys tem Kit Step 3 T o completely remov.
5-29 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail System Kit T o install the cable.
5-30 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail Sys tem Kit Step 2 Attach th e cable tr.
5-31 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail System Kit Step 3 Rout e the ca bles throug h the cabl e trou gh and secur e the c ables with t he V elcro s traps and black t ie wraps.
5-32 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail Sys tem Kit Step 4 Attach the c able ma nage ment arm st op bra cket to the ri de side of the back of the rack by inserting the stop bracket into the cable manage ment arm brac ket.
5-33 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail System Kit T o con vert the cable managem ent arm swin g, fo llo w the se step s: Step 1 Pull up the sp ring pin an d slid e the brac ket of f the cable ma nage ment arm.
5-34 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing the Rail Sys tem Kit Step 2 Remov e the bottom sliding bracket and f lip it ov er to the top of the bracke t aligning the studs.
5-35 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Instal ling the IPS 4270-20 Step 3 On the other side of the sliding br acket, align the spring pin with the studs and key holes, and slide until the pin sn aps in to place .
5-36 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Inst allin g the IP S 427 0-20 with standard practices for preventing acci dents.
5-37 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Instal ling the IPS 4270-20 Step 4 Connec t the RJ-4 5 to DB-9 adapter connecto r to t he conso le port and con nect the othe r end to th e DB-9 connec tor on your co mputer .
5-38 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Inst allin g the IP S 427 0-20 Step 5 Attach the net wor k cabl es. The IPS 4270-2 0 has the followi ng interfaces: • Managem ent 0/0 (MGMT 0/0) is the comman d and control port.
5-39 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Removing and Repl acing th e Chassis Co ver For More Informatio n • For more information on working with electr ical po wer and in an ESD en vi ronment , see Safety Recomm endation s, page 2-2 .
5-40 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Removing an d Replacing the Chassis Cover War nin g This unit might have more than one p ower supply connection.
5-41 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Removing and Repl acing th e Chassis Co ver Step 8 Lift up the cover l atch on the top of the chassis. Step 9 Slide the chassis cover back and up to remove it.
5-42 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Accessi ng the Diagn ostic Pane l Note Make sure the chassis cover is secu rely locked in to pl ace befor e powering up the IPS 4270-20 .
5-43 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Instal ling and Removin g Interf ace Ca rds Installi.
5-44 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing and Rem oving Interfa ce Cards Step 8 T o u nlock the expansion car d slot, push down on the ce nter part of the blue tab and op en the la tch.
5-45 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing and Rem oving the Power Supply For More Informatio n • For a n illustration of the e xpansion card slots, se e Figure 5-7 on page 5-1 0 .
5-46 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing and Rem oving the Power Supply Step 5 Use the T - 15 T or x screwdriv er that shipped with the IPS 4270-2 0 to remove the shipping screw .
5-47 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing and Rem oving the Power Supply Step 6 Remov e the power supply by pulling it away from the chassis.
5-48 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing and Rem oving the Power Supply Step 7 Install the p o wer supply . Make sur e the hand le is open and slide the power supply into the bay .
5-49 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing and Rem oving the Power Supply Step 8 Lock the power supply ha ndle. Step 9 Reconnect the po wer cables.
5-50 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing and Rem oving Fans Installing and Removing Fans There ar e six fans in the IPS 4270- 20.
5-51 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Installing and Removing Fans Step 4 Remove the failed fan b y graspin g the red plastic handle an d pulling up.
5-52 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 5 Installing the IPS 4270-20 Troubles hooting Loose Con nections Troubleshooting Loose Connections Perform the following actions to trouble shoot loose connec tions on sensors: • Make sure al l po we r cord s are se curel y conne cte d.
CH A P T E R 6-1 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 6 Installing the IP S 4345 and IPS 436 0 Contents This cha pter describ es th.
6-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Product Overv iew Product Overview The IPS 4345 deli ver s 500 Meg abits of int rusion pre v ention performance.
6-3 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 6 Installing the IPS 434 5 and IPS 43 60 Specifi cations Op eratin g power Steady .
6-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Accesso ries Accessories Figure 6-1 an d Figure 6-2 displa y the conten ts of the sensor packing box, w hich contains the ite ms you need to install t he sensor .
6-5 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 6 Installing the IPS 434 5 and IPS 43 60 Front and Back Pa nel Featu res Figur e 6.
6-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Front and B ack Panel Fe atures Figure 6-4 sh o ws the indicators for the IPS 4345. These i ndicator s are also found on the bac k panel of the IPS 43 45.
6-7 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 6 Installing the IPS 434 5 and IPS 43 60 Front and Back Pa nel Featu res Figure 6-6 sh ows the back pane l features of the IPS 4345.
6-8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Front and B ack Panel Fe atures Figure 6-7 sh ows the back pane l features of the IPS 4360.
6-9 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 6 Installing the IPS 434 5 and IPS 43 60 Rack Moun t Instal lation Rack Mount Inst.
6-10 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Rack Mount Install ation Installing the IPS 4 345 in a Rack The IPS 4345 ships with the rack mount brackets inst alled on the fron t of the chass is.
6-11 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 6 Installing the IPS 434 5 and IPS 43 60 Rack Moun t Instal lation Step 4 Attach the c hassis to the rac k using the supplied scr e ws ( Figure 6-10 ).
6-12 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Installing the A ppliance on th e Network Installing the Appli ance on the Network War nin g IMPO RT ANT SAFETY INSTRUC TIONS This warning symbol means dang er .
6-13 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 6 Installing the IPS 434 5 and IPS 43 60 I nst allin g the Appl ianc e on the Ne twork Step 4 Connect to the m anagement port.
6-14 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Installing the A ppliance on th e Network Step 5 Connec t to the cons ole port .
6-15 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 6 Installing the IPS 434 5 and IPS 43 60 Removing a nd Instal ling th e Power Supply Step 8 Po wer on the appliance. Step 9 Initial ize the appl iance .
6-16 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Removing an d Installing t he Power Supply The power sup plies each pr ovide 400 W of ou tput power and are used in a 1 + 1 redund ant co nfiguration.
6-17 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 6 Installing the IPS 434 5 and IPS 43 60 Removing a nd Instal ling th e Power Supply Ta b l e 6 - 4 describes th e power supply indicator .
6-18 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Removing an d Installing t he Power Supply T o r .
6-19 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 6 Installing the IPS 434 5 and IPS 43 60 Removing a nd Instal ling th e Power Sup.
6-20 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Removing an d Installing t he Power Supply Installing DC Input P ower War nin g The covers are an integral part o f the safety des ign of t he product.
6-21 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 6 Installing the IPS 434 5 and IPS 43 60 Removing a nd Instal ling th e Power Supply Figure 6-16 shows the back panel of the IPS 4345 with the DC power supply .
6-22 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Removing an d Installing t he Power Supply T o co.
6-23 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 6 Installing the IPS 434 5 and IPS 43 60 Removing a nd Instal ling th e Power Supply Step 6 Identify the positive, ne gativ e, and gro und feed positions fo r the DC power supply connectio n.
6-24 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Removing an d Installing t he Power Supply Figure 6-20 shows the DC po we r supp ly wi th lead wires.
6-25 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 6 Installing the IPS 434 5 and IPS 43 60 Removing a nd Instal ling th e Power Supply Removin g and Insta lling the DC Powe r Supply Note This proc edure app lies only to the applian ces with a removable DC power supply (IPS 436 0).
6-26 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 6 Installing the IPS 4345 and IPS 4360 Removing an d Installing t he Power Supply c.
CH A P T E R 7-1 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 7 Installing the IP S 4510 and IPS 452 0 Contents This cha pter describ es th.
7-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Product Overv iew War nin g Only trained and qualified personnel should inst all, replace, or service this eq u i p m e n t .
7-3 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Front and Back Pa nel Featu res IME The Intr usion Pre vention System Manag er Express (IM E) 7.
7-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Front and B ack Panel Fe atures Figure 7-2 sh o ws the front panel indicators.
7-5 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Front and Back Pa nel Featu res PS1 Indic.
7-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Front and B ack Panel Fe atures Figure 7-3 shows the ba ck panel fe atures. Figur e 7 -3 Bac k P anel F eatur es Figure 7-4 sh ows the po wer supply module ind icators.
7-7 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Front and Back Pa nel Featu res Ta b l e 7 - 2 describes the power supply module an d fan module indicator s.
7-8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Specifications Specificati ons Ta b l e 7 - 4 lists the specif ications for the IPS 4 510 and IPS 452 0.
7-9 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Accessories Accessories The conte nts of .
7-10 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Memory C onfigurations Memory Configurations The IPS 4510 a nd IP S 4520 hav e up to 6 DI MM module s per CPU.
7-11 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Installing the IPS 4510 and IPS 4520 Ta b l e 7 - 7 lists the SFP/SFP+ modules that the IPS 45 10 and IP S 4520 sup port.
7-12 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Installing the IPS 4 510 and IPS 4520 b. Connect one RJ -45 connector to the Managemen t 0/0 interface.
7-13 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Installing the IPS 4510 and IPS 4520 b. Connect one e nd of the LC cable to the SFP/SFP+ module.
7-14 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Removing an d Installing the Core IPS SSP Step 6 Po we r on the sensor .
7-15 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Removing and Installing th e Core IPS SSP Step 7 Grasp t he e jection le ve rs at the lef t and r ight bottom of the de signated slot and pull them out.
7-16 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Removing an d Installing t he Power Supply Module.
7-17 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Removing and Installing the Power Supply Module Step 5 Install the n e w power supply module by aligning it with the power supply m odule ba y and pushing it into place unti l it is seat ed.
7-18 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Removing an d Installing t he Fan Modul e Removin.
7-19 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Installing the Slide Rail Kit Hardware Step 3 Install the ne w fan module b y aligning it wi th the fan module bay and p ushing it into place until it is seated.
7-20 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Installing and Removi ng the Slide Rail Kit Figure 7-5 sh ows all of the bra ckets that c an be re mov ed for the fixed rack mount.
7-21 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Installing and Remo ving the Slide Rail .
7-22 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Installing and Removi ng the Slide Rail Kit For square hole posts, square studs must be attached fully inside the square hole on the rack ra il.
7-23 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Installing and Remo ving the Slide Rail .
7-24 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Installing and Removi ng the Slide Rail Kit Step 3 For square hole ra cks, install one #1 0-32 cag e nut on each side of the r ack rail ( Figure 7-10 ).
7-25 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Installing and Remo ving the Slide Rail Kit Step 4 Install the chassis on the outer r ail.
7-26 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Installing and Removi ng the Slide Rail Kit Step 5 T ighten the scre ws to secure the chassis to the rack ( Figur e 7-1 2 ).
7-27 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Installing and Remo ving the Slide Rail .
7-28 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Installing and Removi ng the Slide Rail Kit Step 3 Press down the release hook to re mov e the chassis fr om the rack ( Figur e 7-14 ).
7-29 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Rack-M ounting the Chassis Usi ng the Fi.
7-30 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Rack-Mount ing the Chass is Using the Fixed Rack Mount Step 2 Position the front bracket on the side of the sensor and line up the brac ket scre ws with the screw holes on the sensor .
7-31 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Rack-M ounting the Chassis Usi ng the Fi xed Rack Mo unt Step 9 (O pt i on al ) Install the proper slide-mo unt br ackets on to the rear bracket on th e chassis.
7-32 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 Installing the Cab le Manageme nt Brackets Instal.
7-33 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 7 Installing the IPS 451 0 and IPS 45 20 Troublesho oting Loo se Conn ections Figu re 7 - 17 C able Man agemen t Brack ets for th e Sli de Rai l Step 4 T igh ten t he scre ws in to the rack.
7-34 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 7 Installing the IPS 4510 and IPS 4520 IPS 4500 Series Sensors and th e SwitchApp IPS 45.
CH A P T E R 8-1 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 8 Installing and Removing the ASA 5500 AIP SSM Contents This chap ter des cri.
8-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 8 Installing and Removing the ASA 5500 AIP SSM Product Overv iew Product Overview The Cis.
8-3 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 8 Installing and Removing the ASA 5500 AIP SSM Product Ove rview In prom iscuous m.
8-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 8 Installing and Removing the ASA 5500 AIP SSM Specifications Specificati ons Ta b l e 8 .
8-5 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 8 Installing and Removing the ASA 5500 AIP SSM Indicat ors Indicat ors Figure 8-3 sh ows the ASA 5500 AIP SSM ind icators. Figur e 8-3 ASA 5500 AIP SSM Indicat ors Ta b l e 8 - 3 describes the ASA 5500 AIP SSM in d ic a to rs .
8-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 8 Installing and Removing the ASA 5500 AIP SSM Installation and Removal Instruct ions Step 3 Remove the two screws at the left back end of the c hassis, a nd remove the slot c over .
8-7 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 8 Installing and Removing the ASA 5500 AIP SSM Installati on and Rem oval Instr uctions • For the proc edure for using HTTPS to log in to th e IDM, re fer to Logg ing In to the IDM .
8-8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 8 Installing and Removing the ASA 5500 AIP SSM Installation and Removal Instruct ions Step 5 Locate the groundin g strap from the accessory kit a nd fasten it to your wrist so that it conta cts your bare skin.
CH A P T E R 9-1 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 9 Installing and Removing the ASA 5585-X IPS SSP Contents This chapter descri.
9-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 9 Instal ling and Removing th e ASA 5585-X IPS SSP Introducing the ASA 55 85-X IPS SS P I.
9-3 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 9 Installing and Removing the ASA 5585-X IPS SSP Specifi cations another power supply module for a redunda nt po wer supply c onfiguration.
9-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 9 Instal ling and Removing th e ASA 5585-X IPS SSP Hardware and Software Requirements Har.
9-5 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 9 Installing and Removing the ASA 5585-X IPS SSP Front Panel Fe atures Figure 9-2 sh o ws the front v ie w of IPS SSP-40 and IPS SSP-60.
9-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 9 Instal ling and Removing th e ASA 5585-X IPS SSP Front Panel Fe atures Figure 9-3 sh o ws the front panel indicators.
9-7 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 9 Installing and Removing the ASA 5585-X IPS SSP Front Panel Fe atures Ta b l e 9 - 2 descr ibes the front panel indicators on the ASA 5585-X IPS SSP.
9-8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 9 Instal ling and Removing th e ASA 5585-X IPS SSP Memory R equirements Ta b l e 9 - 3 sho ws th e Ethernet po rt indica tors. Memory Re quireme nts The ASA -5585-X has up to 6 DIMM modules p er CPU.
9-9 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 9 Installing and Removing the ASA 5585-X IPS SSP SF P/SFP+ Module s SFP/SFP+ Modules The SFP/SFP+ module is a hot-sw appable input/outpu t de vice that plu gs into the SFP/SFP+ ports and provides Gigabit Ethernet connecti vity .
9-10 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 9 Instal ling and Removing th e ASA 5585-X IPS SSP Installing the ASA 5585-X IPS SSP Step 3 From the front panel of the ASA 5585-X, loo sen the capt iv e screws on the up per left and rig ht of the slot tray (slot 1), and remove it.
9-11 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 9 Installing and Removing the ASA 5585-X IPS SSP Installing SFP/SFP + Modules For More Informatio n • For more information about ESD, see Pr e venting Electrostatic D ischarge Damage , page 2- 3 .
9-12 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 9 Instal ling and Removing th e ASA 5585-X IPS SSP Verifying the Status of the ASA 5585-X IPS SSP T o connect to the SFP/SFP+ port if you are using fiber ports, follow the se steps: Step 1 Install the SFP/SFP+ module.
9-13 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 9 Installing and Removing the ASA 5585-X IPS SSP Removing and Repla cing the ASA 5585-X IPS SSP T o verify the status of the ASA 5585-X IPS SSP, follo w these steps: Step 1 Log in to the adapti ve security appliance.
9-14 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 9 Instal ling and Removing th e ASA 5585-X IPS SSP Removing an d Replacing the ASA 5585-X IPS S SP Step 7 Grasp t he e jection le ve rs at the lef t and r ight bottom of the mod ule slot and pull them out.
9-15 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 Chapter 9 Installing and Removing the ASA 5585-X IPS SSP Removing and Repla cing the ASA 5585-X IPS SSP Step 11 Repla ce the scre ws. Step 12 Reconne ct the power cable to the ASA 5585-X .
9-16 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Chapter 9 Instal ling and Removing th e ASA 5585-X IPS SSP Removing an d Replacing the ASA 5585-.
A- 1 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 APPENDIX A Logging In to the Sensor Contents This chapter expla ins how to log in to the sensor . All IPS platforms allow ten concurrent log in se ssions.
A- 2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appen dix A Log ging In to the Se nsor Logging I n to the Applianc e For More Informatio n For the proce dure for cr eating th e service acc ount, re fer to Creating the Servic e Account, page E-5 .
A-3 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix A Logging In to the Sens or Connect ing an Applianc e to a Ter minal S erver Con.
A- 4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appen dix A Log ging In to the Se nsor Logging In to the ASA 5500 AIP SSP Logging In to the ASA 5500 AIP SSP Y ou log in to the ASA 5500 AIP SSM from the ad apti v e secu rity app liance.
A-5 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix A Logging In to the Sens or Logging In to the ASA 5500-X IPS SSP Logging In to the ASA 5500-X IPS SSP Y ou log in to the ASA 55 00-X IPS SSP from the adapti v e secu rity applia nce.
A- 6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appen dix A Log ging In to the Se nsor Logging In to the ASA 5585-X IPS SSP For More Informatio .
A-7 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix A Logging In to the Sens or Logging In to the Senso r For More Informatio n For the procedure for initializing the ASA 5585- X IPS SSP using th e setup command, s ee Adv anced Setup for the ASA 5 585-X I PS SSP , page B- 21 .
A- 8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appen dix A Log ging In to the Se nsor Logging I n to the Sensor.
B-1 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 APPENDIX B Initializing the Sensor Contents This chapter de scribes how to use the setup c.
B-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Simplified Setup Mode Simplified Setup Mode The sensor automat.
B-3 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix B Initializing the Sensor System Conf igurati on Dialog Default settings are in square brackets '[]'.
B-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Basic Sensor Setu p Purpose: Tracks product efficacy Participa.
B-5 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix B Initializing the Sensor Basic Senso r Setup Step 7 Y ou must co nfigure a DNS server or an HT TP pr oxy server f or glo bal co rrel ation t o op erate: a.
B-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Basic Sensor Setu p o. Specify the standar d time zone offset. Specify the stan dard time zone offset from UTC in minutes (negative number s repre sent t ime zones west of t he Prim e Mer idian) .
B-7 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix B Initializing the Sensor Advanced Setup exit service global-correlation network-participation full exit [0] Go to the command prompt without saving this config.
B-8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Advance d Setup Note Adding new subinte rfaces is a two-step proce ss. Y ou first organize the interfaces when you e dit the virtual sensor c onfiguration.
B-9 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix B Initializing the Sensor Advanced Setup Note The follo wing options let you create and delete interfa ces. Y ou assign the interfaces t o virtual sensors in the virtual sensor c onfiguration.
B-10 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Advance d Setup [3] Add/Modify Promiscuous Vlan Groups. [4] Add/Modify Inline Interface Pairs. [5] Add/Modify Inline Interface Pair Vlan Groups.
B-11 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix B Initializing the Sensor Advanced Setup Step 21 Ente r 4 to add inline in te r face pa ir Ne wP air . Step 22 Press Enter to return to the top-lev el virtual sensor menu.
B-12 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Advance d Setup subinterface-type inline-vlan-pair subinterfa.
B-13 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix B Initializing the Sensor Advanced Setup Step 30 Apply the mo st recent service pa ck and signa ture update. Y ou ar e now ready to configure your a ppliance for intrusion prevention.
B-14 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Advance d Setup Note Y ou do not ne ed to configure interfaces on the ASA 5500 AIP SSM. Y ou should ig nore the modify interf ace def ault VLAN setting.
B-15 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix B Initializing the Sensor Advanced Setup Step 15 Ente r 1 to use the existing anomaly de tection configuration, ad0.
B-16 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Advance d Setup no login-banner-text exit time-zone-settings .
B-17 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix B Initializing the Sensor Advanced Setup For More Informatio n • For the proc.
B-18 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Advance d Setup [1] Modify interface default-vlan. Option: Step 8 Press Enter to retu rn to the top-lev el interface and virtual sensor co nfiguration menu.
B-19 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix B Initializing the Sensor Advanced Setup Step 17 Enter the signature-de finition configuration name , newSig .
B-20 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Advance d Setup exit service web-server port 342 exit service.
B-21 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix B Initializing the Sensor Advanced Setup – Cisco Intrusion P r evention System Sen sor CLI Configuration Guide for IPS 7.
B-22 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Advance d Setup Step 9 Ente r 2 to edit the virtual sensor configuration. [1] Remove virtual sensor. [2] Modify "vs0" virtual sensor configuration.
B-23 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix B Initializing the Sensor Advanced Setup Note If PortChan nel 0/0 has no t been assig ned to vs0, y ou are prom pted to assign it to the new virtual sensor .
B-24 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Veri fyin g Init iali zati on event-action-rules rules0 anoma.
B-25 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix B Initializing the Sensor Verifying Initialization T o verify that you initialized your sensor , follo w these steps: Step 1 Log in to the sensor .
B-26 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix B Initializing the Sensor Veri fyin g Init iali zati on summary-mode fire-all exit exit status enabled true exit exit exit ! ------------------------------ service ssh-known-hosts rsa1-keys 10.
CH A P T E R C-1 Cisco I ntrusio n Preventio n System Appl iance an d Module Install ation Guid e for IP S 7.1 OL-24002-01 C Obta ining Software Contents This chapter pro vides information on obtaining Cisc o IPS software for the senso r . It contains th e follo wing sections: • Obtaining C isco IPS Software, pa ge C-1 • IPS 7.
C-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix C Obtainin g Softwar e IPS 7.1 Files Step 3 Under Select a Sof tware Produc t Category , choose Security So ftwar e . Step 4 Choose Intrusion Prev ention System (IPS) .
C-3 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Appendix C Obtaining Software IPS Software Ve rsioning IPS Software Versioning When yo u do wnlo ad IPS softwar e im ages fr om Cisc o.
C-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix C Obtainin g Softwar e IPS Software Versioning Figure C-1 illustrate s what each par t of the I PS software file represents for m ajor and minor up dates, service pack s, and patc h releases.
C-5 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Appendix C Obtaining Software IPS Software Ve rsioning Signa ture En gine Upd ate A signature e ngine upd ate is an executable f ile containi ng binary c ode to sup port new signature updates.
C-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix C Obtainin g Softwar e IPS Software Releas e Examples IPS Software Release Ex amples Ta b l e C - 1 lists platform-inde pendent Cisco IPS software release e xamples .
C-7 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Appendix C Obtaining Software Acce ssing I PS Docu mentati on Ta b l e C - 1 describes the platform identif iers used in platform-specifi c names.
C-8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix C Obtainin g Softwar e Cisco Security Inte lligence Operatio ns Note Although you will see references to other IPS do cumentation sites on Cisco.
C-9 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Appendix C Obtaining Software Obtaining a Li cense Key From Cis co.
C-10 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix C Obtainin g Softwar e Obtaining a License Key Fr om Cisco.
C-11 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Appendix C Obtaining Software Obtaining a Li cense Key From Cis co.com Step 3 The Lice nsing pa ne disp lays th e status of the cur rent licens e.
C-12 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix C Obtainin g Softwar e Obtaining a License Key Fr om Cisco.c om Use th e cop y sourc e-url license_file_name lice nse-key comma nd to copy the lic ense key to your sensor .
C-13 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Appendix C Obtaining Software Obtaining a Li cense Key From Cis co.com Note Y ou must ha ve th e correct IPS dev ice seri al numbe r and prod uct identi fi er (PID) because the license key only f unctions on the device with that number .
C-14 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix C Obtainin g Softwar e Obtaining a License Key Fr om Cisco.
C-15 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Appendix C Obtaining Software Obtaining a Li cense Key From Cis co.com Licensing the ASA 550 0-X IPS SS P For the ASA 5500-X ser ies adapti v e secu rity appl ia nces with the IPS SSP , the ASA requires the IPS Module licen se.
C-16 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix C Obtainin g Softwar e Obtaining a License Key Fr om Cisco.c om system is using 33.6M out of 160.0M bytes of available disk space (21% usage) application-data is using 70.
D- 1 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 APPENDIX D Upgrading, Downgrading, a nd Installing System Images Contents This ch apte r descr ibes how to upgr ade, downgrade, an d install syste m images.
D- 2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Upgrades , Downgrad es, and System Ima ges • Y ou ca nnot use the downgrade com mand to revert to a pre vious major or mino r version, for example, fr om Cisco IPS 7.
D-3 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Upgradi ng the Sen sor For More Informatio n • For the proc edure for downloading I PS software updates from C isco.
D- 4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Upgradin g the Sensor Note Y o u are promp ted for a pa ssword. – scp:—Sour ce URL for the SC P network se rver .
D-5 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Upgradi ng the Sen sor.
D- 6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Configuring A utomatic Up gr.
D-7 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Configuring Automatic Upgrade s Understand ing Automa tic Upgrades Cautio n In IPS 7.
D- 8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Configuring A utomatic Up grades • schedule-option —Specifies the schedule s for whe n Cisco se rver automatic upgrades o ccur .
D-9 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Configuring Automatic Upgrade s Step 3 Configure the sensor to automatically look for ne w upgra des either on Cisco.
D-10 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Downgra ding the Sen sor use.
D-11 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Recovering the Application Partition Recovering the App lication Parti tion Y ou can recov er the application partition image for the sensor if it becomes unusable.
D-12 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Installing Syst em Images Fo.
D-13 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Installing System Images TFTP Serve rs R OMMON use s TFTP to download an image a nd launch it.
D-14 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Installing Syst em Images In.
D-15 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Installing System Images • Gateway—Specifies the gateway IP address used by the IPS 4270-20.
D-16 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Installing Syst em Images Step 11 Do wnload a nd insta ll the system image.
D-17 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Installing System Ima.
D-18 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Installing Syst em Images • Conf ig—Unused by t hese pl atfor ms. Note Not all v alues are required to establi sh networ k con nectivity .
D-19 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Installing System Images Step 11 Ente r set and press Enter to v erify the netw ork settings.
D-20 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Installing Syst em Images Use BREAK or ESC to interrupt boot. Use SPACE to begin boot immediately.
D-21 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Installing System Images Step 9 If necessa ry define the pa th and filenam e on the T FTP file server fro m which you are downloading the image.
D-22 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Installing Syst em Images T .
D-23 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Installing System Ima.
D-24 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Installing Syst em Images Step 3 Enter en able mode. asa# enable Step 4 Configure the reco very settings for the ASA 5585-X IPS SSP.
D-25 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Installing System Images App. name: IPS App. Status: Up App. Status Desc: Normal Operation App.
D-26 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Installing Syst em Images Step 2 Boot the ASA 5585-X IPS SSP. Booting system, please wait.
D-27 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix D Upgrading, Do wngradin g, and Installing Sys tem Images Installing System Images Note Not all v alues are required to establi sh networ k co nnecti vity .
D-28 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x D Upgrading, Downgrading, and In stalli ng System Image s Installing Syst em Images Step 11 Ente r set and press Enter to verify the network settings.
E-1 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 APPENDIX E Troubleshooting Contents This appe ndix conta ins troub leshooting tips and pro cedur es for sensors an d so ftware.
E-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Preventive M aintenance • Creatin g the Service Acc ount, page E- 5 Understand ing Preve ntive Mainte nance The following actions will help you maintain your sensor: • Back up a good configuration.
E-3 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting P reven tive Mainte nance sensor# copy /erase backup-config cu.
E-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Preventive M aintenance Cautio n Copying a co nfiguration file from anothe r sens or may r esult in errors if the sensing interfac es and virtua l senso rs are not co nf igur ed the same.
E-5 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting P reven tive Mainte nance Creating the S ervice Acco unt Y ou ca n create a service account for T A C to use during trouble shooting.
E-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Disast er Recovery ************************ WARNING ******************************************************* UNAUTHORIZED ACCESS TO THIS NETWORK DEVICE IS PROHIBITED.
E-7 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Recove ring the Passwor d • For the procedu re for using a r.
E-8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Recovering the Pas sword Recovering the Password for the Applianc e This section describes the two ways to recover the password for appliances .
E-9 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Recove ring the Passwor d Step 3 Enter the follo wing commands to reset the password: confreg 0x7 boot Sample R OMMON session: Booting system, please wait.
E-10 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Recovering the Pas sword Mod MAC Address Range Hw Version Fw Version Sw Version --- --------------------------------- ------------ ------------ --------------- ips 503d.
E-11 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Recove ring the Passwor d Using the ASDM T o reset the password in the ASDM, follo w these steps: Step 1 From the ASDM menu bar, choose T ools > IPS Password Reset .
E-12 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Recovering the Pas sword Mod Status Data Plane Status Compatibility --- ------------------ --------------------- ------------- 1 Up Up Step 4 Session to the ASA 5585 -X IPS SSP.
E-13 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Recove ring the Passwor d Step 3 Click Close to close the dialog box.
E-14 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Time Sources and the Sensor sensor (config)# service host sensor (config-hos)# Step 3 V erif y the state of pa ssword recovery by using the include keyword to show settings in a filtered output.
E-15 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Time Sour ces and the Sensor The IPS Standa lone Ap plianc es • Use the clock s et command to set the time. This is the default.
E-16 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Advanta ges and Rest rictions of Virt ualization ... Step 3 Generate the hosts statisti cs again after a f ew minutes.
E-17 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Support ed MIBs V irtualization has the following restrictions: • Y ou must assign both sides of asym metric traf fic to t he same virtual sensor .
E-18 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing When to Di sabl e Anom aly Detec tion Note CISCO-PR OCESS-MIB is a v ailable on the sensor , b ut we do not support it.
E-19 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Analysi s Engine Not Respond ing • Y ou must have a v alid IPS lice nse to allo w g lobal correlation features to function.
E-20 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting Exter nal Product Interf aces ----- MainApp N-200.
E-21 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance • Y ou ca n configure a maximu m of two external produc t de vices.
E-22 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance The Applian ce and Jumbo P acket Fram e Size For IPS standalone applianc es with 1 G and 1 0 G fixed or add -on interface s, the maximum ju mbo fram e size is 9216 bytes.
E-23 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance • Check an y in terlock or interco nnect indi cator s that indicate a compon ent is not co nnecte d proper ly .
E-24 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance Cannot Access the Sensor CLI Throu.
E-25 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance At any point you may enter a question mark '?' for help. User ctrl-c to abort configuration dialog at any prompt.
E-26 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance For More Informatio n • For th e.
E-27 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance T o verify th at the sensor in question does not have an IP address con flict with another host on the network, follo w these steps: Step 1 Log in to the CLI.
E-28 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance For More Informatio n • T o ma ke sure the sensor cabling is correc t, refe r to the chapter fo r your sensor in this d ocument.
E-29 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance 6-0600 Upgrade History: IPS-K9-7.1-3-E4 00:30:07 UTC Wed Nov 16 2011 Recovery Partition Version 1.
E-30 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance Total Bytes Received = 0 Missed Pa.
E-31 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance For More Informatio n • For the proced ure for pr operly installing th e sensing inter face on your se nsor , refer to the chapter on your appliance in this document.
E-32 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance Step 4 Make sure the sensor is seeing packets.
E-33 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance Pair Status = N/A Link Statu.
E-34 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance Total Jumbo Packets Received = 0 T.
E-35 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance For More Informatio n For more informa tion on IPS syst em architectu re, refe r to System Architect ure.
E-36 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance Verifying ARC is Running Note The CLI output is an example of wh at your configuration may look like.
E-37 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance For More Informatio n For more informa tion on IPS syst em architectu re, refe r to System Architect ure.
E-38 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance Sensor up-time is 13 days. Using 4395M out of 5839M bytes of available memory (75% usage) system is using 26.
E-39 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance Device Access Issues The ARC may not be able to acc ess the de vices it is managing.
E-40 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance profile-name: r7200 block-interfac.
E-41 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance Step 5 T elnet to th e rout er and v erify that a den y entr y fo r the blocked ad dress exists in th e router ACL.
E-42 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance default-signatures-only ----------.
E-43 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance Step 4 Initiate a manua l block to a bogu s host IP add ress to make sure the master blocking se nsor is initiating blocks.
E-44 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance Logging T A C may suggest that you turn on debug logging for troublesh ooting pu rposes.
E-45 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance Step 9 T urn on ind i vidual zone cont rol.
E-46 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance zone-name: tls severity: warning &.
E-47 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance sensor(config-log)# show set.
E-48 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance For More Informatio n For a list of wha t each zone n ame refers t o, see Zone Names, page E -48 .
E-49 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance Directing cidLog Messages to SysLog It might be useful to direct cidLog messages to syslog.
E-50 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance TCP Rese t Not Occurring for a S ignature If you do not hav e the event action set to rese t, the TCP reset do es not oc cur for a specific signa ture.
E-51 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance appInstanceId: 1004 signature: sigId=20000 sigName=STRING.TCP subSigId=0 version=Unknown addr: locality=OUT 172.
E-52 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the Appl iance For More Informatio n • For more information on runn ing th e se tup comman d, see Appendix B, “Initializing t he Sensor .
E-53 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoot ing the App liance to do wnlo ad the ch osen pack age fro m a Cisc o fil e serv er .
E-54 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the IDM Step 8 Upgrad e the sensor .
E-55 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troubl eshoo ting the I DM d. Click the Cache tab . e. Click Clear . Step 3 If you hav e Jav a Plug-in 1.4. x installed: a.
E-56 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the IME telnet-option enabled access-list 0.
E-57 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troublesh ooting the ASA 5500 AIP SSM Time Sync hron izat ion o n th e IME a nd th e Sens or Sympto m The I ME d ispl ays No Data A vailab le on the Events dashb oard.
E-58 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the ASA 5 500 AIP SSM • The A SA 550 0 AIP SSM .
E-59 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troublesh ooting the ASA 5500 AIP SSM 1 Up asa(config)# If you hav e problems with reima ging the ASA 550 0 AIP SSM, use the debug module-boot comman d to see the output as the module boo ts.
E-60 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the ASA 5 500 AIP SSM Failover Sce narios The fol.
E-61 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troublesh ooting the ASA 5500 AIP SSM failover failover lan unit secondary failover lan interface folink GigabitEthernet0/7 failover interface ip folink 172.
E-62 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubles hooting the ASA 5 500 AIP SSM The ASA 55 00 AIP SSM a nd the Data P lane Sympto m The A SA 5500 A IP SSM da ta plan e is kept in the Up sta te whil e applyi ng sign ature upd ates.
E-63 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troublesho oting the ASA 5500- X IPS SSP Troubleshooting the .
E-64 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubleshoot ing the ASA 550 0-X IPS SSP Two ASA 5500-X s in Fail-.
E-65 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troublesho oting the ASA 5500- X IPS SSP The output shows that the ASA 5500-X IPS SSP is up. If the status r eads Down , you can reset it using the sw-module module 1 reset comm and.
E-66 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubleshoot ing the ASA 550 0-X IPS SSP Mod-ips 266> DMI 2.
E-67 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troublesho oting the ASA 5500- X IPS SSP Mod-ips 328> huge.
E-68 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubleshoot ing the ASA 550 0-X IPS SSP Mod-ips 384> CPU: L2 cache: 4096K Mod-ips 385> CPU 4/0x4 -> Node 0 Mod-ips 386> CPU4: Intel QEMU Virtual CPU version 0.
E-69 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troublesho oting the ASA 5500- X IPS SSP Mod-ips 446> pci 0000:00:01.0: Activating ISA DMA hang workarounds Mod-ips 447> pci_hotplug: PCI Hot Plug PCI Core version: 0.
E-70 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubleshoot ing the ASA 550 0-X IPS SSP Mod-ips 510> serial825.
E-71 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troublesho oting the ASA 5500- X IPS SSP Mod-ips 571> 51216 blocks Mod-ips 572> Checking rootrw fs: corrected filesystem Mod-ips 573> kjournald starting.
E-72 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubleshoot ing the ASA 550 0-X IPS SSP Mod-ips 633> Starting .
E-73 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troublesho oting the ASA 5500- X IPS SSP The ASA 55 00-X IPS S SP and Memory Usag e For the ASA 55 00-X IPS SSP , th e memo ry usage is 93%.
E-74 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubleshoot ing the ASA 558 5-X IPS SSP TCP Rese t Differences Be.
E-75 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troublesho oting the ASA 5585- X IPS SSP • If the ASA is co.
E-76 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubleshoot ing the ASA 558 5-X IPS SSP Traffic Flow S topped on .
E-77 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troublesho oting the ASA 5585- X IPS SSP App. Status: Not Applicable App. Status Desc: Not Applicable App. version: 7.
E-78 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Troubleshoot ing the ASA 558 5-X IPS SSP Firmware version: 2.0(7)0 Software version: 7.1(1)E4 MAC Address Range: 5475.
E-79 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Troublesho oting the ASA 5585- X IPS SSP Slot-1 167> SERVER=192.
E-80 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion For More Informatio n For deta iled informat ion about the Normaliz er engine, see Normalizer Engine .
E-81 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information This section contains the following top.
E-82 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion Tech Sup port Information The show tech -supp ort command is useful fo r capturing all sensor status and con f iguratio n information .
E-83 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information Step 3 T o s end the output (in HTML format) to a file: a. Enter the following c ommand, follo wed by a v alid destinat ion.
E-84 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion 6-0600 Running CLI S-2011_NOV_16_00_20_7_1_3_46 (Release) 2011-11-16T00:23:0 6-0600 Upgrade History: IPS-K9-7.
E-85 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information Total Transmit Errors = 0 Total Transmi.
E-86 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion Understanding the show version Command The sh ow ve rsi o n command s ho ws t he basic sens or info rmation and can indicate where a f ailure is occurr ing.
E-87 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information Upgrade History: IPS-K9-7.1-3-E4 00:30:07 UTC Wed Nov 16 2011 Recovery Partition Version 1.
E-88 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion ! ------------------------------ service.
E-89 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information • T ransa ction Sou rce • V irtua l.
E-90 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion The Signature Database Statistics.
E-91 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information SimulatedDenyFilterRuleMatch = 0 TcpDen.
E-92 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion No attack Detection - ON Learning - ON N.
E-93 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information The number of times the event store cir.
E-94 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion Command Control Port Device = Management0/0 Network Statistics = ma0_0 Link encap:Ethernet HWaddr 00:04:23:D5:A1:8D = inet addr:10.
E-95 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information BlockMaxEntries = 11 MaxDeviceInterfaces = 250 NetDevice Type = PIX IP = 10.89.150.171 NATAddr = 0.
E-96 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion AclSupport = uses Named ACLs Version = 12.2 State = Active NetDevice IP = 192.0.2.10 AclSupport = Uses VACLs Version = 8.
E-97 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information Step 15 Display the statistics for the transacti on server .
E-98 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion Number of exec Clear commands during uptime = 0 Denied Attackers and hit count for each. Denied Attackers with percent denied and hit count for each.
E-99 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information TCP Packets currently queued for reasse.
E-100 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion Fatal Severity = 0 Error Severity = 14 Warning Severity = 1 Timing Severity = 0 Debug Severity = 0 Unknown Severity = 28 TOTAL = 43 Step 19 V erify that the statistic s hav e been clear ed.
E-101 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information Interfaces Command Output The followin.
E-102 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion • Displaying Ev ents, page E-102 • .
E-103 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information The following options ap ply: • alert —Displays alerts. Provides notif ication of some su spicious a ctivity that ma y indicat e an attac k is in process or has been attemp ted.
E-104 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion Step 3 Dis play th e bloc k requ ests beg inni ng at 10: 00 a.
E-105 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix E Troubleshooting Gathering Information originator: hostId: sensor appName: ma.
E-106 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendi x E Troubl eshoot ing Gath erin g Info rmat ion Step 3 Enter the follo wing command. /usr/cids/idsRoot/bin/cidDump Step 4 Enter the followi ng command to compress the resu lt ing /u sr /cid s/ ids Roo t /log/cidDum p.
F-1 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 APPENDIX F Cable Pinouts Contents This append ix descri bes pi nout i nformation for 10 /1 00 / 100 0 Ba se T , console, an d RJ 45 to DB 9 port s, and the M GM T 10 /100 Ethe rne t po rt.
F-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix F Cable Pin outs Console Port (RJ -45) Figure F-2 shows the 10/100/1 000BaseT (RJ-4 5) port pinouts. Figur e F -2 1 0/1 00/1 00 0 P ort Pinouts Console Port (RJ-45) Figure F-3 sho ws the RJ 45 ca ble.
F-3 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Append ix F Cable Pinouts RJ-45 to DB-9 or DB-25 Exam ine the sequen ce of co lored wi res.
F-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 Appendix F Cable Pin outs RJ-45 to DB-9 or DB-25.
GL-1 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 GLOSSARY Revised: July 16 , 2012 Numerals 3DES T riple Data Encryption Standard. A stronger ver sio n of DES, which is the default encryption method for SSH version 1.
Glos sary GL-2 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 ASA 5500 AIP SSM Adv ance d Inspect ion and Pre v ention Security Ser vices Modu le. The IPS p lug-in module in the Cisco ASA 5500 series adapti ve security appliance.
Glossary GL-3 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 arch itect ure The o v eral l stru cture o f a co mputer or c ommunica tion s ystem . The architec ture in flue nces the capabilities and limitations of the syst em.
Glos sary GL-4 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 B backpla ne The physica l connection betw een an interface pro cessor or card and the da ta buses and the power dis- tribution b uses inside a chassis.
Glossary GL-5 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 certificate Digit al re prese nta tion o f user o r de vi ce attrib utes, including a public key , that is signed with an author itat i ve priv ate key .
Glos sary GL-6 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 cookie A piece of inform ation sen t by a web serve r to a web bro ws er that the bro wser is exp ected to sa v e and send b ack to the we b ser ver whene v er th e bro wser mak es addit ional reque sts of the web serv er .
Glossary GL-7 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 DES Data En crypti on S tanda rd. A stron g encry ption meth od where the strength lies in a 56-bit key rather than an algorithm. destination address Address of a n etwork device that is receiving data .
Glos sary GL-8 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 F fail clos ed Blocks traffi c on the device after a hardware failure. fail open Lets traf f ic pass through the d e vice after a hardware failure.
Glossary GL-9 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 FQDN Fully Qualif ied Domain Name.A doma in name that specifies its e xact loca tion in th e tree h ierarch y of the DNS. It specif ies all domain lev els, including th e top-le vel domain, relati ve to the root d omain.
Glos sary GL-10 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 hardwa re bypass A specialized interf ace card that pairs physical inte r faces so th.
Glossary GL-11 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 InterfaceApp A component of the IPS. Handles bypass and physical settings and defines paired interface s. Physical settings are speed, d uplex, and administra ti ve state.
Glos sary GL-12 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 KB Knowledge Base. The sets of thresholds learned by Anom aly Detection and used for worm virus detection. Knowledge Base See KB. L LACP Link Aggregation Control Protoc ol .
Glossary GL-13 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 MD5 Message D igest 5. A one- way hashing algorith m that pro duces a 1 28-bit hash . Both MD5 and Secure Hash Algori thm (SH A) are variat ions on MD4 an d streng then th e secu rity o f the MD4 hash ing algo rit hm.
Glos sary GL-14 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 NBD Nex t Bus iness D ay . The arri val of repl acemen t hard ware acco rding to Cisc o ser vice co ntra cts. Neighborh ood Disco very Protocol fo r IPv6.
Glossary GL-15 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 O OIR online insertion and remov al. Feature that permits you to add, repla ce, or remove cards without interrupting the system po wer, entering console c o mman ds, or cau sing other software o r interface s to shut do wn.
Glos sary GL-16 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 PER packed enc oding rules. Instead of using a generic st yle of en coding that enc odes al l types in a u nifor m way , PER speciali zes the enco ding base d on the da te type to gene rate mu ch more com pact representations.
Glossary GL-17 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 RAM random- access memo ry . V olatile memor y that can be read an d written by a microproce ssor . RAS Registration, Admission , and Status Protocol.
Glos sary GL-18 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 RTP Real-Time T ransport Pro tocol. Commonly used w ith IP networ ks.
Glossary GL-19 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 sessi on comm and Comman d used on routers an d switche s to pro vide eith er T elnet or console acc ess to a mod ule in the router o r switch.
Glos sary GL-20 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 SN Serial Number . Part of the UDI .
Glossary GL-21 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 subsigna ture A more granular representa tion of a gene ral sign atur e. It typically fu rther de fi nes a broad s cope signature.
Glos sary GL-22 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 TFTP T ri vial File T ransfer Protocol.
Glossary GL-23 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 U UDI Unique De vice Identif ier . Provides a unique identity for e v ery Cisco product. The UDI is composed of the PI D, VID, and SN.
Glos sary GL-24 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01 viru s Hidd en, s elf-r eplic atin g sect ion o f co mputer soft ware, u suall y m alic ious logic, that pro pagates by infecting—that is, inserting a cop y of itself into and becoming par t of—another pro gram.
Glossary GL-25 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llati on Guide fo r IPS 7.1 OL-24002-01 Wireshark W ireshark is a free network protoco l analyzer fo r UNIX and Windo ws. It lets you examine da ta from a li ve network or from a capture f ile on disk .
Glos sary GL-26 Cisco Intrusion Prevention System Appliance and Mo dule Installation Guide for IPS 7.1 OL-24002-01.
IN-1 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 INDEX Numerics 10BaseT cable pinouts appliance F-1 ASA 558 5-X F-1 2SX card describe d 4-3, 5-4 illustration 4-4, 5-5 4GE bypa ss interface card configura tion restrictions 4-5, 5-6 describe d 4-3, 4-5, 5-4, 5-6 illustration 4-3, 5-4 802.
Index IN-2 Cisco I ntrusio n Prevent ion System Applianc e and Mod ule Instal latio n Guide fo r IPS 7.1 OL-24002-01 applying softwar e update s E-52 ARC blocking no t occurring for signatu re E-41 de.
Index IN-3 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 ASA 5585-X SSP-40 with I PS SSP-40 describe d 9-3 memory re quirem ents 9-8 ASA 558.
Index IN-4 Cisco I ntrusio n Prevent ion System Applianc e and Mod ule Instal latio n Guide fo r IPS 7.1 OL-24002-01 copy lic ense-k ey C-12 debug m odule-b oot E-59 downgra de D-10 eras e lice nse -k.
Index IN-5 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 E electrical saf ety guidelines 2-3 enablin g debug logging E-44 Encr yption Softwa.
Index IN-6 Cisco I ntrusio n Prevent ion System Applianc e and Mod ule Instal latio n Guide fo r IPS 7.1 OL-24002-01 IPS 4270-20 5-6 link status chan ges and drops 4-6, 5-7, E-22 proper co nfigurat io.
Index IN-7 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 comm and and control 1-5 configura tion restrictions 1-12 describe d 1-4 port numb .
Index IN-8 Cisco I ntrusio n Prevent ion System Applianc e and Mod ule Instal latio n Guide fo r IPS 7.1 OL-24002-01 power supply 4-23 interface naming c onventions 4-4 network ports 4-2 password reco.
Index IN-9 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 front panel (llustration) 6-5 front panel indicators described 6-6 indicators 6-6 i.
Index IN- 10 Cisco I ntrusio n Prevent ion System Applianc e and Mod ule Instal latio n Guide fo r IPS 7.1 OL-24002-01 removing co re IPS SSP 7-14 SFP ports 7-12 shutting down 7-14 slide rail kit hard.
Index IN- 11 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 L licens e key installing C-12 obtaining C-9 trial C-9 uninstalling C-15 viewing .
Index IN- 12 Cisco I ntrusio n Prevent ion System Applianc e and Mod ule Instal latio n Guide fo r IPS 7.1 OL-24002-01 P password recovery appliances E-8 ASA 5500-X IPS SSP E-9 ASA 5585-X IPS SSP E-1 .
Index IN- 13 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 4-post 4-11 IPS 4270-20 ext ensio n 5-26 installation 5-18 requiremen ts 5-17 IPS.
Index IN- 14 Cisco I ntrusio n Prevent ion System Applianc e and Mod ule Instal latio n Guide fo r IPS 7.1 OL-24002-01 serial console port D-12 TFTP D-13 round-trip time.
Index IN- 15 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 ASA 5500-X IPS SSP A-5 ASA 5585-X IPS SSP A-6 setting up terminal servers 1-22, A.
Index IN- 16 Cisco I ntrusio n Prevent ion System Applianc e and Mod ule Instal latio n Guide fo r IPS 7.1 OL-24002-01 HTTP/ HTTPS s erver s D-2 SwitchApp desc ribed 7-34 Switched Port A nalyzer see S.
Index IN- 17 Cisco I ntrusio n Preventi on System Applianc e and Modul e Insta llation Gui de for I PS 7.1 OL-24002-01 cidLog message s to syslog E-49 communic ation E-23 corrupte d SensorApp configur.
Index IN- 18 Cisco I ntrusio n Prevent ion System Applianc e and Mod ule Instal latio n Guide fo r IPS 7.1 OL-24002-01 restric tions E-17 supported sen sors E-17 traff ic capture requi rement s E-1 7 VLAN gro ups 802.
Un point important après l'achat de l'appareil (ou même avant l'achat) est de lire le manuel d'utilisation. Nous devons le faire pour quelques raisons simples:
Si vous n'avez pas encore acheté Cisco Systems IPS4520K9 c'est un bon moment pour vous familiariser avec les données de base sur le produit. Consulter d'abord les pages initiales du manuel d'utilisation, que vous trouverez ci-dessus. Vous devriez y trouver les données techniques les plus importants du Cisco Systems IPS4520K9 - de cette manière, vous pouvez vérifier si l'équipement répond à vos besoins. Explorant les pages suivantes du manuel d'utilisation Cisco Systems IPS4520K9, vous apprendrez toutes les caractéristiques du produit et des informations sur son fonctionnement. Les informations sur le Cisco Systems IPS4520K9 va certainement vous aider à prendre une décision concernant l'achat.
Dans une situation où vous avez déjà le Cisco Systems IPS4520K9, mais vous avez pas encore lu le manuel d'utilisation, vous devez le faire pour les raisons décrites ci-dessus,. Vous saurez alors si vous avez correctement utilisé les fonctions disponibles, et si vous avez commis des erreurs qui peuvent réduire la durée de vie du Cisco Systems IPS4520K9.
Cependant, l'un des rôles les plus importants pour l'utilisateur joués par les manuels d'utilisateur est d'aider à résoudre les problèmes concernant le Cisco Systems IPS4520K9. Presque toujours, vous y trouverez Troubleshooting, soit les pannes et les défaillances les plus fréquentes de l'apparei Cisco Systems IPS4520K9 ainsi que les instructions sur la façon de les résoudre. Même si vous ne parvenez pas à résoudre le problème, le manuel d‘utilisation va vous montrer le chemin d'une nouvelle procédure – le contact avec le centre de service à la clientèle ou le service le plus proche.