Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

A-35

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Appendix A System Architecture

Cisco IPS File Structure

<sd:time offset="0" timeZone="UTC">1043238671706378000</sd:time>

<sd:signature description="IOS Udp Bomb" id="4600" cid:version="S37">

<cid:subsigId>0</cid:subsigId>

</sd:signature> …

Cisco IPS File Structure

The Cisco IPS has the following directory structure:

• /usr/cids/idsRoot—Main installation directory.

• /usr/cids/idsRoot/shared—Stores files used during system recovery.

• /usr/cids/idsRoot/var—Stores files created dynamically while the sensor is running.

• /usr/cids/idsRoot/var/updates—Stores files and logs for update installations.

• /usr/cids/idsRoot/var/virtualSensor—Stores files used by SensorApp to analyze regular expressions.

• /usr/cids/idsRoot/var/eventStore—Contains the Event Store application.

• /usr/cids/idsRoot/var/core—Stores core files that are created during system crashes.

• /usr/cids/idsRoot/var/iplogs—Stores iplog file data.

• /usr/cids/idsRoot/bin—Contains the binary executables.

• /usr/cids/idsRoot/bin/authentication—Contains the authentication application.

• /usr/cids/idsRoot/bin/cidDump—Contains the script that gathers data for tech support.

• /usr/cids/idsRoot/bin/cidwebserver—Contains the web server application.

• /usr/cids/idsRoot/bin/cidcli—Contains the CLI application.

• /usr/cids/idsRoot/bin/nac—Contains the ARC application.

• /usr/cids/idsRoot/bin/logApp—Contains the logger application.

• /usr/cids/idsRoot/bin/mainApp—Contains the main application.

• /usr/cids/idsRoot/bin/sensorApp—Contains the sensor application.

• /usr/cids/idsRoot/bin/collaborationApp—Contains the collaboration application.

• /usr/cids/idsRoot/bin/switchApp—Contains the switch application.

• /usr/cids/idsRoot/bin/falcondump—Contains the application for getting packet dumps on the

sensing ports of IDSM-2.

• /usr/cids/idsRoot/etc—Stores sensor configuration files.

• /usr/cids/idsRoot/htdocs—Contains the IDM files for the web server.

• /usr/cids/idsRoot/lib—Contains the library files for the sensor applications.

• /usr/cids/idsRoot/log—Contains the log files for debugging.

• /usr/cids/idsRoot/tmp—Stores the temporary files created during run time of the sensor.

previous next