Cisco Cisco IPS 4255 Sensor

Click Next to choose the destination folder, click Install to install the IME, and then click Finish to exit 
the wizard. The Cisco IME and Cisco IME Demo icons are now on your desktop.

The first time you start the IME, you are prompted to set up a password. 

To migrate IEV 5.x events to the IME, you must exit the installation and manually export the old events 
by using the IEV 5.x export function to move the data to local files. After installing the IME, you can 
import these files to the new IME system.

The IME does not support import and migration functions for IEV 4.x.

To export event data from IEV 5.x to a local file:

From IEV 5.x, choose File > Database Administration > Export Database Tables.

Enter the file name and select the table(s). 

Click OK. The events in the selected table(s) are exported to the specified local file.

To import event data in to the IME, follow these steps:

From the IME, choose File > Import.

Select the file exported from IEV 5.x and click Open. The contents of the selected file are imported in 
to the IME.

For more information about the IME, refer to 

Anomaly detection is disabled by default in IPS 7.1(2)E4 and later. You must enable it to configure or 
apply an anomaly detection policy. Enabling anomaly detection results in a decrease in performance. 

The following section explains how to enable anomaly detection through the IDM, IME, and the CLI. It 
contains the following topics: