20-10
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 20 Configuring the ASA 5585-X IPS SSP
The ASA 5585-X IPS SSP and the Normalizer Engine
asa/c3(config)#
Step 8 Confirm the configuration.
asa/c3(config)# exit
asa(config)# show ips detail
Sensor Name Sensor ID Allocated To Mapped Name
----------- --------- ------------ -----------
vs0 1 admin adminvs0
c3 c3vs0
vs1 2 c2 c2vs1
c3 c3vs1
asa(config)#
The ASA 5585-X IPS SSP and the Normalizer Engine
The majority of the features in the Normalizer engine are not used on the ASA 5585-X IPS SSP,
because the ASA itself handles the normalization. Packets on the ASA IPS modules go through a special
path in the Normalizer that only reassembles fragments and puts packets in the right order for the TCP
stream. The Normalizer does not do any of the normalization that is done on an inline IPS appliance,
because that causes problems in the way the ASA handles the packets.
The following Normalizer engine signatures are not supported:
• 1300.0
• 1304.0
• 1305.0
• 1307.0
• 1308.0
• 1309.0
• 1311.0
• 1315.0
• 1316.0
• 1317.0
• 1330.0
• 1330.1
• 1330.2
• 1330.9
• 1330.10
• 1330.12
• 1330.14
• 1330.15
• 1330.16
• 1330.17