Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

18-17

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 18 Configuring the ASA 5500 AIP SSM

New and Modified Commands

Syntax Description

Defaults No default behavior or values.

Command Modes The following table shows the modes in which you can enter the command:

Command History

Usage Guidelines You can assign one or more IPS virtual sensors to each context. Then, when you configure the context

to send traffic to the ASA 5500 AIP SSM using the ips command, you can specify a sensor that is

assigned to the context; you cannot specify a sensor that you did not assign to the context. If you do not

assign any sensors to a context, then the default sensor configured on the ASA 5500 AIP SSM is used.

You can assign the same sensor to multiple contexts.

default (Optional) Sets one sensor per context as the default sensor; if the context

configuration does not specify a sensor name, the context uses this default

sensor. You can only configure one default sensor per context. If you want to

change the default sensor, enter the no allocate-ips sensor_name command

to remove the current default sensor before you allocate a new default sensor.

If you do not specify a sensor as the default, and the context configuration

does not include a sensor name, then traffic uses the default sensor on the

ASA 5500 AIP SSM.

mapped_name (Optional) Sets a mapped name as an alias for the sensor name that can be

used within the context instead of the actual sensor name. If you do not

specify a mapped name, the sensor name is used within the context. For

security purposes, you might not want the context administrator to know

which sensors are being used by the context. Or you might want to genericize

the context configuration. For example, if you want all contexts to use

sensors called “sensor1” and “sensor2,” then you can map the “highsec” and

“lowsec” senors to sensor1 and sensor2 in context A, but map the “medsec”

and “lowsec” sensors to sensor1 and sensor2 in context B.

sensor_name Sets the sensor name configured on the ASA 5500 AIP SSM. To view the

sensors that are configured on the ASA 5500 AIP SSM, enter allocate-ips ?.

All available sensors are listed. You can also enter the show ips command.

In the system execution space, the show ips command lists all available

sensors; if you enter it in the context, it shows the sensors you already

assigned to the context. If you specify a sensor name that does not yet exist

on the ASA 5500 AIP SSM, you get an error, but the allocate-ips command

is entered as is. Until you create a sensor of that name on the

ASA 5500 AIP SSM, the context assumes the sensor is down.

Command Mode

Firewall Mode Security Context

Routed Transparent Single

Multiple

Context System

Context configuration

••—— •

Release Modification

8.0(2) This command was introduced.

previous next