Filter
Top Products
19-6
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 19 Configuring the ASA 5500-X IPS SSP
Creating Virtual Sensors for the ASA 5500-X IPS SSP
signature-definition: sig0 <protected>
event-action-rules: rules0 <protected>
anomaly-detection
-----------------------------------------------
anomaly-detection-name: ad0 <protected>
operational-mode: inactive <defaulted>
-----------------------------------------------
physical-interface (min: 0, max: 999999999, current: 1)
-----------------------------------------------
name: PortChannel0/0
-----------------------------------------------
-----------------------------------------------
inline-TCP-evasion-protection-mode: strict <defaulted>
-----------------------------------------------
sensor(config-ana-vir)#
Step 10 Exit analysis engine mode.
sensor(config-ana-vir)# exit
sensor(config-ana)# exit
Apply Changes:?[yes]:
sensor(config)#
Step 11 Press Enter to apply the changes or enter no to discard them.
For More Information
• For the procedure for enabling anomaly detection, see Enabling Anomaly Detection, page 9-8.
• For the procedures for creating and configuring anomaly detection policies, see Working With
Anomaly Detection Policies, page 9-9.
• For the procedure for creating and configuring event action rules policies, see Working With Event
Action Rules Policies, page 7-8.
• For the procedure for creating and configuring signature definitions, Working With Signature
Definition Policies, page 8-2.
Assigning Virtual Sensors to Adaptive Security Appliance Contexts
After you create virtual sensors on the ASA 5500-X IPS SSP, you must assign the virtual sensors to a
security context on the adaptive security appliance.
The following options apply:
• [no] allocate-ips sensor_name [mapped_name] [default]—Allocates a virtual sensor to a security
context. Supported modes are multiple mode, system context, and context submode.
Note You cannot allocate the same virtual sensor twice in a context.
–
sensor_name—Specifies the name of the virtual sensor configured on the
ASA 5500-X IPS SSP. You receive a warning message if the name is not valid.
–
mapped_name—Specifies the name by which the security context knows the virtual sensor.