Foundation Summary


Installing network sensors correctly is an important component in protecting your network with Cisco Intrusion Prevention. Cisco provides appliance sensors that support a wide range of bandwidths and deployment locations.

You can upgrade your sensors from 4.1 to 5.0 by using one of the following two methods:

  • Install 5.0 software via the network

  • Install 5.0 software from a CD

Note

For the diskless sensors (IDS 4215, IDS 4240, IDS 4255), you can install the 5.0 software only through the network since the sensors do not have a CD-ROM drive.


When installing a new sensor (or upgrading via the recovery CD), you need to perform some basic initialization steps to get the sensor running. The basic appliance initialization tasks are as follows:

  • Run the setup command

  • Configure trusted hosts

  • Manually configure the time

  • Create the Service account

The setup CLI command configures the following parameters:

  • Sensor host name

  • Sensor IP address

  • Sensor netmask

  • Access list entries

  • Default gateway

  • Telnet server status

  • Web server port

  • Time settings

Some other tasks that you may need to perform during initialization include the following:

  • Change your password

  • Add and remove users

  • Add known SSH hosts

Beginning with Cisco IDS version 4.0, the appliance sensors have an extensive CLI that enables you to configure every aspect of your sensor's operation. Although the commands are different, using the CLI is very similar to using IOS. The CLI is divided into the multiple configuration modes, each of which provides a subset of the commands available to the user, such as the following:

  • Privileged Exec

  • Global Configuration

  • Service web-server

  • Service analysis-engine

  • Service host

  • Service network-access

  • Service signature-definition

Although the CLI enables you to configure every aspect of the sensor, configuring certain aspects, such as signature tuning, are easier to do in the graphical interfaces (such as Cisco IPS Device Manager). When troubleshooting, however, you may use this configuration capability to identify a problem, or you may create custom configuration scripts that you use to adjust the operation of your sensor.



CCSP IPS Exam Certification Guide
CCSP IPS Exam Certification Guide
ISBN: 1587201461
EAN: 2147483647
Year: 2004
Pages: 119
Authors: Earl Carter

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net