Filter
Top Products
10-11
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 10 Configuring Global Correlation
Configuring Network Participation
Step 5 Turn on reputation filtering.
sensor(config-glo)# reputation-filtering on
sensor(config-glo)#
Step 6 Test global correlation data, but do not actually deny traffic.
sensor(config-glo)# test-global-correlation on
sensor(config-glo)#
Step 7 Verify the settings.
sensor(config-glo)# show settings
global-correlation-inspection: on default: on
global-correlation-inspection-influence: aggressive default: standard
reputation-filtering: on default: on
test-global-correlation: on default: off
sensor(config-glo)#
Step 8 Exit global correlation submode.
sensor(config-glo)# exit
Apply Changes:?[yes]:
Step 9 Press Enter to apply your changes or enter no to discard them.
For More Information
• For information about configuring a proxy or DNS server to support global correlation, see
Configuring the DNS and Proxy Servers for Global Correlation, page 4-10.
• For information on how to obtain and install a sensor license, see Installing the License Key,
page 4-56.
• For more information about the sensor health metrics, see Showing Sensor Overall Health Status,
page 17-20.
Configuring Network Participation
You can configure the sensor to send data to the SensorBase Network. You can configure the sensor to
fully participate and send all data to the SensorBase Network. Or you can configure the sensor to collect
the data but to omit potentially sensitive data, such as the destination IP address of trigger packets.
Note Configuring the sensor for partial network participation limits a third party from extracting
reconnaissance information about your internal network from the global correlation database.
The following option applies:
• network-participation—Sets the level of network participation. The default is off.
–
off—No data is contributed to the SensorBase network.
–
partial—Data is contributed to the SensorBase network but potentially sensitive information is
withheld.
–
full—All data is contributed to the SensorBase network.