Cisco Systems IPS 7.1 Home Security System User Manual


Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 6 Configuring Virtual Sensors
Configuring Global Variables
-----------------------------------------------
sensor(config-ana)#
Step 16 Exit analysis engine mode.
sensor(config-ana)# exit
sensor(config)#
Apply Changes:?[yes]:
Step 17 Press Enter to apply the changes or enter no to discard them.
For More Information
For more information on creating and configuring anomaly detection policies, see Working With Anomaly Detection Policies, page 9-9.
For more information on creating and configuring event action rules policies, see Working With Event Action Rules Policies, page 7-8.
For more information on creating and configuring signature definition policies, see Working With Signature Definition Policies, page 8-2.
For the procedure for pairing inline interfaces, see Configuring Inline VLAN Pairs, page 5-26. Repeat Step 11 for all the inline interface pairs that you want to assign to this virtual sensor.
For the procedure for pairing and grouping inline VLANs, see Configuring Inline VLAN Pairs, page 5-26 and Configuring VLAN Groups, page 5-32. Repeat Step 12 for all inline VLAN pairs or VLAN groups that you want to assign to this virtual sensor.
For the procedure for enabling anomaly detection, see Enabling Anomaly Detection, page 9-8.
Configuring Global Variables
Use the global-parameters command in service analysis engine submode to create global variables,
such as the IP logging parameters and the flow depth. Flow depth is used by the String, Multi-String,
Service HTTP, and State engines. It does not apply to the XL String engine or to the platforms that support it.
Note: The IPS 4345, IPS 4360, IPS 4510, IPS 4520, ASA 5525-X IPS SSP, ASA 5545-X IPS SSP,
ASA 5555-X IPS SSP, and ASA 5585-X IPS SSP support the String XL engines and the Regex
accelerator card.
The following options apply:
ip-logging—Enables global IP logging parameters.
max-open-iplog-files—Specifies the maximum number of concurrently open log files. The
range is 20 to 100. The default is 20.
specify-flow-depth—Lets you specify the inspection depth of the flow. Flow depth is the number
of bytes inspected in a flow. The new value applies to new flows only. The valid range is from 0 to
429496296. The default is 0, which is infinite.
Creating a Global Variable