Cisco IPS 7.1 Manuals

Manuals and User Guides for Cisco IPS 7.1. We have 1 Cisco IPS 7.1 manual available for free PDF download: Installation Manual

Cisco IPS 7.1 Installation Manual (470 pages)

Intrusion Prevention System Appliance and Module

Brand: Cisco | Category: Network Hardware | Size: 16.34 MB

Table of Contents
3
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS
14
- Contents
  14
- Audience
  15
- Contents
  15
About this Guide

15
Chapter 1 Introducing the Sensor

20
- Your Network Topology
  21
- Correctly Deploying the Sensor
  21
- Tuning the IPS
  21
- Sensor Interfaces
  22
  - Understanding Sensor Interfaces
    22
  - Command and Control Interface
    23
  - Sensing Interfaces
    24
  - Interface Support
    24
  - TCP Reset Interfaces
    29
  - Interface Restrictions
    30
  - Interface Modes
    32
    
    Promiscuous Mode
    32
    
    Ipv6, Switches, and Lack of VACL Capture
    32
    
    Inline Interface Pair Mode
    34
    
    Inline VLAN Pair Mode
    34
    
    VLAN Group Mode
    35
    
    Deploying VLAN Groups
    36
- Supported Sensors
  36
- IPS Appliances
  38
  - Introducing the IPS Appliance
    38
  - Appliance Restrictions
    39
- Connecting an Appliance to a Terminal Server
  40
- Time Sources and the Sensor
  40
Chapter 2 Preparing the Appliance for Installation

45
- Installation Preparation
  45
- Safety Recommendations
  46
- General Site Requirements
  49
  - Site Environment
    49
  - Preventive Site Configuration
    49
  - Power Supply Considerations
    50
  - Configuring Equipment Racks
    50
CHAPTER 3 Installing the IPS 4240 and IPS 42553-1

51
- Contents
  51
- Installation Notes and Caveats
  51
- Product Overview
  52
- Front and Back Panel Features
  53
- Specifications
  54
- Connecting the IPS 4240 to a Cisco 7200 Series Router
  55
- Accessories
  55
- Rack Mounting
  56
- Installing the IPS 4240 and IPS 4255
  57
  - Console Port (RJ
    59
  - RJ-45 to DB-9 or DB-
    59
- Installing the IPS 4240-DC
  60
CHAPTER 4 Installing the IPS 4260 4-1

65
- Contents
  65
- Installation Notes and Caveats
  65
- Product Overview
  66
- Supported Interface Cards
  67
- Hardware Bypass
  68
- Front and Back Panel Features
  71
- Specifications
  73
- Accessories
  74
- Rack Mounting
  74
  - Installing the IPS 4260 in a 4-Post Rack
    75
  - Installing the IPS 4260 in a 2-Post Rack
    78
- Installing the IPS 4260
  80
- Removing and Replacing the Chassis Cover
  83
- Installing and Removing Interface Cards
  85
- Installing and Removing the Power Supply
  87
Chapter 5 Installing the IPS 4270-20

91
- Contents
  91
- Installation Notes and Caveats
  91
- Product Overview
  92
- Supported Interface Cards
  94
- Hardware Bypass
  95
- Front and Back Panel Features
  98
- Diagnostic Panel
  104
- Specifications
  105
- Accessories
  106
- Installing the Rail System Kit
  106
- Installing the IPS 4270-20
  125
- Removing and Replacing the Chassis Cover
  129
- Accessing the Diagnostic Panel
  132
- Installing and Removing Interface Cards
  133
- Installing and Removing the Power Supply
  135
- Installing and Removing Fans
  140
- Troubleshooting Loose Connections
  142
CHAPTER 6 Installing the IPS 4345 and IPS 43606-1

143
- Contents
  143
- Installation Notes and Caveats
  143
- Product Overview
  144
- Specifications
  144
- Specifications
  145
- Accessories
  146
- Front and Back Panel Features
  147
- Rack Mount Installation
  151
- Installing the Appliance on the Network
  154
- Removing and Installing the Power Supply
  157
CHAPTER 7 Installing the IPS 4510 and IPS 45207-1

171
- Contents
  171
- Installation Notes and Caveats
  171
  - Specifications
    171
  - Accessories
    171
- Product Overview
  172
- Chassis Features
  173
- Specifications
  179
- Accessories
  180
- Memory Configurations
  181
- Power Supply Module Requirements
  181
- Supported SFP/SFP+ Modules
  181
- Installing the IPS 4510 and IPS 4520
  182
- Removing and Installing the Core IPS SSP
  185
- Removing and Installing the Power Supply Module
  187
- Removing and Installing the Fan Module
  189
- Installing the Slide Rail Kit Hardware
  190
- Installing and Removing the Slide Rail Kit
  191
  - Package Contents
    192
  - Installing the Chassis in the Rack
    192
  - Removing the Chassis from the Rack
    198
- Rack-Mounting the Chassis Using the Fixed Rack Mount
  200
- Installing the Cable Management Brackets
  203
- Troubleshooting Loose Connections
  204
- IPS 4500 Series Sensors and the Switchapp
  205
- Contents
  207
- Installation Notes and Caveats
  207
Chapter 8 Installing and Removing the ASA 5500 AIP SSM

208
- Product Overview
  208
- Specifications
  210
- Memory Specifications
  210
- Hardware and Software Requirements
  210
- Indicators
  211
- Installation and Removal Instructions
  211
- Contents
  215
- Installation Notes and Caveats
  215
Chapter 9 Installing and Removing the ASA 5585-X IP SSP

216
- Introducing the ASA 5585-X IPS SSP
  216
- Specifications
  217
- Hardware and Software Requirements
  218
- Front Panel Features
  218
- Memory Requirements
  222
- SFP/SFP+ Modules
  223
- Installing the ASA 5585-X IPS SSP
  223
Appendix

231
Logging in to the Sensor

231
- Contents
  231
- Supported User Roles
  231
Appendix A Logging in to the Sensor

232
Appendix

239
Initializing the Sensor

239
- Contents
  239
- Understanding Initialization
  239
- Simplified Setup Mode
  240
- System Configuration Dialog
  240
Appendix B Initializing the Sensor

240
- Contents
  
  241
  - Basic Sensor Setup
    242
  - Basic Sensor Setup
    243
  - Advanced Setup
    245
    
    Advanced Setup for the Appliance
    245
    
    Advanced Setup for the ASA 5500 AIP SSM
    251
    
    Advanced Setup for the ASA 5500-X IPS SSP
    255
    
    Advanced Setup for the ASA 5585-X IPS SSP
    259
  - Verifying Initialization
    263
Appendix

267
Obtaining Software

267
- Contents
  267
- Obtaining Cisco IPS Software
  267
Appendix C Obtaining Software

268
Appendix

283
Upgrading, Downgrading, and Installing System Images

283
Contents

313
- Understanding Preventive Maintenance
  314
Appendix

313
Troubleshooting

313
- Cisco Bug Search
  313
- Backing up and Restoring the Configuration File Using a Remote Server
  315
- Creating and Using a Backup Configuration File
  315
- Creating the Service Account
  317
- Disaster Recovery
  318
- Recovering the Password
  319
  - Understanding Password Recovery
    320
  - Recovering the Password for the Appliance
    320
    
    Using the GRUB Menu
    320
    
    Using ROMMON
    321
  - Recovering the ASA 5500-X IPS SSP Password
    322
  - Recovering the ASA 5585-X IPS SSP Password
    324
  - Disabling Password Recovery
    325
  - Verifying the State of Password Recovery
    326
  - Troubleshooting Password Recovery
    327
- Time Sources and the Sensor
  327
- Advantages and Restrictions of Virtualization
  329
- Supported Mibs
  330
- Troubleshooting Global Correlation
  331
- When to Disable Anomaly Detection
  331
- Analysis Engine Not Responding
  332
- Troubleshooting External Product Interfaces
  333
  - External Product Interfaces Issues
    333
  - External Product Interfaces Troubleshooting Tips
    334
- Troubleshooting RADIUS Authentication
  333
- Troubleshooting the Appliance
  334
  - The Appliance and Jumbo Packet Frame Size
    334
  - Hardware Bypass and Link Changes and Drops
    335
  - Analysis Engine Is Busy
    336
  - Troubleshooting Loose Connections
    336
  - Communication Problems
    337
    
    Cannot Access the Sensor CLI through Telnet or SSH
    337
    
    Correcting a Misconfigured Access List
    339
    
    Duplicate IP Address Shuts Interface down
    340
  - The Sensorapp and Alerting
    341
    
    The Sensorapp Is Not Running
    341
    
    Physical Connectivity, SPAN, or VACL Port Issue
    341
    
    Unable to See Alerts
    341
    
    Sensor Not Seeing Packets
    346
    
    Cleaning up a Corrupted Sensorapp Configuration
    347
  - Blocking
    348
    
    Troubleshooting Blocking
    348
    
    Verifying ARC Is Running
    349
    
    Verifying ARC Connections Are Active
    349
    
    Device Access Issues
    352
    
    Verifying the Interfaces and Directions on the Network Device
    353
    
    Blocking Not Occurring for a Signature
    354
    
    Verifying the Master Blocking Sensor Configuration
    355
  - Logging
    357
    
    Enabling Debug Logging
    357
    
    Zone Names
    361
    
    Directing Cidlog Messages to Syslog
    362
  - TCP Reset Not Occurring for a Signature
    363
  - Software Upgrades
    364
    
    Upgrading and Analysis Engine
    364
    
    Which Updates to Apply and Their Prerequisites
    365
    
    Issues with Automatic Update
    365
    
    Updating a Sensor with the Update Stored on the Sensor
    366
- Troubleshooting the IDM
  367
- Troubleshooting the IME
  370
- Troubleshooting the ASA 5500 AIP SSM
  371
- Troubleshooting the ASA 5500-X IPS SSP
  377
- Troubleshooting the ASA 5585-X IPS SSP
  388
- Gathering Information
  395
  - Health and Network Security Information
    395
  - Tech Support Information
    395
    
    Understanding the Show Tech-Support Command
    396
    
    Displaying Tech Support Information
    396
    
    Displaying Tech Support Information
    397
    
    Tech Support Command Output
    398
  - Version Information
    401
    
    Understanding the Show Version Command
    401
    
    Displaying Version Information
    401
  - Statistics Information
    403
    
    Understanding the Show Statistics Command
    403
    
    Displaying Statistics
    403
  - Interfaces Information
    416
    
    Understanding the Show Interfaces Command
    416
    
    Interfaces Command Output
    416
  - Events Information
    417
    
    Sensor Events
    417
    
    Understanding the Show Events Command
    417
Appendix E Troubleshooting

315
- Preventive Maintenance
  313
Cable Pinouts

423

Cisco Categories

Switch IP Phone

Network Router Wireless Access Point Conference System

More Cisco Manuals

Cisco IPS 7.1 Manuals

Cisco IPS 7.1 Installation Manual (470 pages)

Table of Contents

About this Guide

Chapter 1 Introducing the Sensor

Chapter 2 Preparing the Appliance for Installation

CHAPTER 3 Installing the IPS 4240 and IPS 42553-1

CHAPTER 4 Installing the IPS 4260 4-1

Chapter 5 Installing the IPS 4270-20

CHAPTER 6 Installing the IPS 4345 and IPS 43606-1

CHAPTER 7 Installing the IPS 4510 and IPS 45207-1

Chapter 8 Installing and Removing the ASA 5500 AIP SSM

Chapter 9 Installing and Removing the ASA 5585-X IP SSP

Appendix

Logging in to the Sensor

Appendix A Logging in to the Sensor

Appendix

Initializing the Sensor

Appendix B Initializing the Sensor

Contents

Appendix

Obtaining Software

Appendix C Obtaining Software

Appendix

Upgrading, Downgrading, and Installing System Images

Contents

Appendix

Troubleshooting

Appendix E Troubleshooting

Cable Pinouts

Related Products

Cisco Categories