Filter
Top Products
CHAPTER
4-1
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
4
Setting Up the Sensor
This chapter contains procedures for the setting up the sensor, and contains the following sections:
• Setup Notes and Caveats, page 4-1
• Understanding Sensor Setup, page 4-2
• Changing Network Settings, page 4-2
• Changing the CLI Session Timeout, page 4-13
• Changing Web Server Settings, page 4-14
• Configuring Authentication and User Parameters, page 4-16
• Configuring Time, page 4-34
• Configuring SSH, page 4-44
• Configuring TLS, page 4-50
• Installing the License Key, page 4-56
Setup Notes and Caveats
The following notes and caveats apply to setting up the sensor:
• By default SSHv1 fallback is enabled.
• When updating the hostname, the CLI prompt of the current session and other existing sessions is
not updated with the new hostname immediately. Subsequent CLI login sessions reflect the new
hostname in the prompt.
• Telnet is not a secure access service and therefore is disabled by default on the sensor. However,
SSH is always running on the sensor and it is a secure service.
• For global correlation to function, you must have either a DNS server or an HTTP proxy server
configured at all times.
• DNS resolution is supported only for accessing the global correlation update server.
• The default web server port is 443 if TLS is enabled and 80 if TLS is disabled.
• The username command provides username and password authentication for login purposes only.
You cannot use this command to remove a user who is logged in to the system. You cannot use this
command to remove yourself from the system.