Manualshelf

User manual

ManualsBrandsCisco Systems ManualsSoftwareHome Security System IPS4510K9
51525354555657585960
2-11
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 7.2
OL-29168-01
Chapter 2 Initializing the Sensor
Advanced Setup
[1] GigabitEthernet0/3
[2] GigabitEthernet0/0
Inline Vlan Pair:
[3] GigabitEthernet0/0:1 (Vlans: 200, 300)
Inline Interface Pair:
[4] newPair (GigabitEthernet0/1, GigabitEthernet0/2)
Add Interface:
Step 21
Enter
3
to add inline VLAN pair GigabitEthernet0/0:1.
Step 22
Enter
4
to add inline interface pair NewPair.
Step 23
Press Enter to return to the top-level virtual sensor menu.
Virtual Sensor: vs0
Anomaly Detection: ad0
Event Action Rules: rules0
Signature Definitions: sig0
Inline Vlan Pair:
GigabitEthernet0/0:1 (Vlans: 200, 300)
Inline Interface Pair:
newPair (GigabitEthernet0/1, GigabitEthernet0/2)
[1] Remove virtual sensor.
[2] Modify "vs0" virtual sensor configuration.
[3] Create new virtual sensor.
Option: GigabitEthernet0/1, GigabitEthernet0/2)
Add Interface:
Step 24
Press Enter to return to the top-level interface and virtual sensor configuration menu.
[1] Edit Interface Configuration
[2] Edit Virtual Sensor Configuration
[3] Display configuration
Option:
Step 25
Enter
yes
if you want to modify the default threat prevention settings.
Note
The sensor comes with a built-in override to add the deny packet event action to high risk rating
alerts. If you do not want this protection, disable automatic threat prevention.
Virtual sensor newVs is configured to prevent high risk threats in inline mode. (Risk
Rating 90-100)
Virtual sensor vs0 is configured to prevent high risk threats in inline mode.(Risk Rating
90-100)
Do you want to disable automatic threat prevention on all virtual sensors?[no]:
Step 26
Enter
yes
to disable automatic threat prevention on all virtual sensors.
Step 27
Press Enter to exit the interface and virtual sensor configuration.
The following configuration was entered.
service host
network-settings
host-ip 192.168.1.2/24,192.168.1.1
host-name sensor
telnet-option disabled
sshv1-fallback disabled
ftp-timeout 300
no login-banner-text
exit
time-zone-settings
offset 0