Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

20-7

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 20 Configuring the ASA 5585-X IPS SSP

Creating Virtual Sensors for the ASA 5585-X IPS SSP

anomaly-detection-name: ad1 default: ad0

operational-mode: learn default: detect

-----------------------------------------------

physical-interface (min: 0, max: 999999999, current: 2)

-----------------------------------------------

name: PortChannel0/0

subinterface-number: 0 <defaulted>

-----------------------------------------------

-----------------------------------------------

logical-interface (min: 0, max: 999999999, current: 0)

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

sensor(config-ana-vir)#

Step 10 Exit analysis engine mode.

sensor(config-ana-vir)# exit

sensor(config-ana)# exit

Apply Changes:?[yes]:

sensor(config)#

Step 11 Press Enter to apply the changes or enter no to discard them.

For More Information

• For the procedures for creating and configuring anomaly detection policies, see Working With

Anomaly Detection Policies, page 9-9.

• For the procedure for creating and configuring event action rules policies, see Working With Event

Action Rules Policies, page 7-8.

• For the procedure for creating and configuring signature definitions, Working With Signature

Definition Policies, page 8-2.

• For the procedure for enabling anomaly detection, see Enabling Anomaly Detection, page 9-8.

Assigning Virtual Sensors to Adaptive Security Appliance Contexts

After you create virtual sensors on the ASA 5585-X IPS SSP, you must assign the virtual sensors to a

security context on the adaptive security appliance.

The following options apply:

• [no] allocate-ips sensor_name [mapped_name] [default]—Allocates a virtual sensor to a security

context. Supported modes are multiple mode, system context, and context submode.

Note You cannot allocate the same virtual sensor twice in a context.

–

sensor_name—Specifies the name of the virtual sensor configured on the

ASA 5585-X IPS SSP. You receive a warning message if the name is not valid.

–

mapped_name—Specifies the name by which the security context knows the virtual sensor.

previous next