Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

19-17

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 19 Configuring the ASA 5500-X IPS SSP

New and Modified Commands

Defaults No default behavior or values.

Command Modes The following table shows the modes in which you can enter the command:

Command History

Usage Guidelines You can assign one or more IPS virtual sensors to each context. Then, when you configure the context

to send traffic to the ASA 5500-X IPS SSP using the ips command, you can specify a sensor that is

assigned to the context; you cannot specify a sensor that you did not assign to the context. If you do not

assign any sensors to a context, then the default sensor configured on the ASA 5500-X IPS SSP is used.

You can assign the same sensor to multiple contexts.

Note You do not need to be in multiple context mode to use virtual sensors; you can be in single mode and use

different sensors for different traffic flows.

mapped_name (Optional) Sets a mapped name as an alias for the sensor name that can be

used within the context instead of the actual sensor name. If you do not

specify a mapped name, the sensor name is used within the context. For

security purposes, you might not want the context administrator to know

which sensors are being used by the context. Or you might want to genericize

the context configuration. For example, if you want all contexts to use

sensors called “sensor1” and “sensor2,” then you can map the “highsec” and

“lowsec” senors to sensor1 and sensor2 in context A, but map the “medsec”

and “lowsec” sensors to sensor1 and sensor2 in context B.

sensor_name Sets the sensor name configured on the ASA 5500-X IPS SSP. To view the

sensors that are configured on the ASA 5500-X IPS SSP, enter allocate-ips

?. All available sensors are listed. You can also enter the show ips command.

In the system execution space, the show ips command lists all available

sensors; if you enter it in the context, it shows the sensors you already

assigned to the context. If you specify a sensor name that does not yet exist

on the ASA 5500-X IPS SSP, you get an error, but the allocate-ips command

is entered as is. Until you create a sensor of that name on the

ASA 5500-X IPS SSP, the context assumes the sensor is down.

Command Mode

Firewall Mode Security Context

Routed Transparent Single

Multiple

Context System

Context configuration

••—— •

Release Modification

8.0(2) This command was introduced.

previous next