Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

17-2

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 17 Administrative Tasks for the Sensor

Administrative Notes and Caveats

The following notes and caveats apply to administrative tasks for the sensor:

• Administrators may need to disable the password recovery feature for security reasons.

• If you try to recover the password on a sensor on which password recovery is disabled, the process

proceeds with no errors or warnings; however, the password is not reset. If you cannot log in to the

sensor because you have forgotten the password, and password recovery is set to disabled, you must

reimage your sensor.

• We do not recommend that you use clear database command unless under the direction of the TAC

or in some testing conditions when you need to clear accumulated state information and start with

a clean database.

• The ASA 5500-X IPS SSP and ASA 5585-X IPS SSP do not support bypass mode. The adaptive

security appliance will either fail open, fail close, or fail over depending on the configuration of the

adaptive security appliance and the type of activity being done on the IPS.

• When the sensor is first starting, it is normal for certain health metric statuses to be red until the

sensor is fully up and running.

• You do not need to set the system clock if your sensor is synchronized by a valid outside timing

mechanism such as an NTP clock source.

• The show inventory command does not apply to the ASA IPS modules (ASA 5500 AIP SSM,

ASA 5500-X IPS SSP, and ASA 5585-X IPS SSP.

Recovering the Password

For most IPS platforms, you can now recover the password on the sensor rather than using the service

account or reimaging the sensor. This section describes how to recover the password for the various IPS

platforms. It contains the following topics:

• Understanding Password Recovery, page 17-2

• Recovering the Password for the Appliance, page 17-3

• Recovering the Password for the ASA 5500 AIP SSM, page 17-5

• Recovering the Password for the ASA 5500-X IPS SSP, page 17-7

• Recovering the Password for the ASA 5585-X IPS SSP, page 17-9

• Disabling Password Recovery, page 17-10

• Verifying the State of Password Recovery, page 17-11

• Troubleshooting Password Recovery, page 17-12

Understanding Password Recovery

Note Administrators may need to disable the password recovery feature for security reasons.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems IPS 7.1 Home Security System User Manual