Filter
Top Products
A-20
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Appendix A System Architecture
MainApp
The Logger can control what log messages are generated by each application by controlling the logging
severity for different logging zones. You would only access the individual-zone-control of the logger
service at the request and supervision of a TAC engineer or developer. For troubleshooting purposes,
TAC might request that you turn on debug logging.
InterfaceApp
The InterfaceApp is a subsystem of the MainApp, which is used for configuring and managing the
Ethernet interfaces on the IPS device. There are two types of interfaces—management interfaces and
sensing interfaces. The management interface is used for managing the IPS device using management
applications, such as the IDM, IME, CSM, or CLI.The sensing interfaces represent the packet interfaces,
which are used for directing the traffic meant for inspection. In addition to configuration, the
InterfaceApp also provides packet statistics for the interfaces.
The InterfaceApp interacts with other applications on the IPS device such as the SensorApp, through
control transactions. It also communicates with NIC drivers on each platform to set the interface
properties such as speed, duplex, and so forth. The current interface configuration is stored by the
InterfaceApp and used when the IPS device is started.
NIC drivers on each platform send asynchronous events called notifications that are related to the state
of the Ethernet interfaces, for example, link up and link down notification, to the InterfaceApp. The
InterfaceApp collects these notifications and sends the appropriate events.
The InterfaceApp provides a unified view of Ethernet interfaces on different platforms with varied
hardware configuration, so that the same set of commands can be used for configuring and managing
them.
AuthenticationApp
This section describes the AuthenticationApp, and contains the following topics:
• Understanding the AuthenticationApp, page A-20
• Authenticating Users, page A-20
• Configuring Authentication on the Sensor, page A-21
• Managing TLS and SSH Trust Relationships, page A-21
Understanding the AuthenticationApp
The AuthenticationApp has the following responsibilities:
• To authenticate the identity of a user
• To administer the accounts, privileges, keys, and certificates of the user
• To configure which authentication methods are used by the AuthenticationApp and other access
services on the sensor
Authenticating Users
You must configure authentication on the sensor to establish appropriate security for user access. When
you install a sensor, an initial cisco account with an expired password is created. A user with
administrative access to the sensor accesses the sensor through the CLI or an IPS manager, such as the