Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

7-31

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 7 Configuring Event Action Rules

Configuring OS Identifications

os: aix

-----------------------------------------------

-----------------------------------------------

NAME: name1

-----------------------------------------------

ip: 192.0.2.0-192.0.2.255 default:

os: unix

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

passive-traffic-analysis: Enabled default: Enabled

-----------------------------------------------

ips-ssp(config-eve-os)#

Step 12 Move an OS map to the inactive list.

sensor(config-eve-os)# configured-os-map move name1 inactive

Step 13 Verify that the filter has been moved to the inactive list.

sensor(config-eve-os)# show settings

os-identification

-----------------------------------------------

calc-arr-for-ip-range: 192.0.2.33 default: 0.0.0.0-255.255.255.255

configured-os-map (ordered min: 0, max: 50, current: 2 - 1 active, 1 inactive)

-----------------------------------------------

ACTIVE list-contents

-----------------------------------------------

NAME: name2

-----------------------------------------------

ip: 192.0.2.33 default:

os: aix

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

INACTIVE list-contents

-----------------------------------------------

NAME: name1

-----------------------------------------------

ip: 192.0.2.0-192.0.2.255 default:

os: unix

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

passive-traffic-analysis: Enabled default: Enabled

--MORE--#

Step 14 Delete an OS map.

sensor(config-eve-os)# no configured-os-map name2

Step 15 Verify that the OS map has been deleted.

sensor(config-eve-os)# show settings

os-identification

-----------------------------------------------

calc-arr-for-ip-range: 192.0.2.33 default: 0.0.0.0-255.255.255.255

configured-os-map (ordered min: 0, max: 50, current: 1 - 0 active, 1 inactive)

-----------------------------------------------

INACTIVE list-contents

-----------------------------------------------

NAME: name1

-----------------------------------------------

ip: 192.0.2.0-192.0.2.255 default:

os: unix

previous next