Cisco Cisco IPS 4255 Sensor
7
Release Notes for Cisco Intrusion Prevention System 6.2(2)E4
OL-21670-01
Cisco IPS Device Manager
You can upgrade to the following versions to get the functioning MySDN URL:
•
IDM 7.0.3
•
IME 7.0.3
•
IPS 7.0(4), which contains IDM 7.0.4
If you are using version IPS 5.x, you must look up signature information manually at this URL:
For More Information
For detailed information on MySDN, for IDM refer to
and for IME refer to
Cisco IPS Device Manager
A new version of IDM is bundled with the E4 engine update, IDM 7.0(3). We have modified IDM to
correctly display and edit the additional values allowed in the Retired parameter field of a signature. We
have also modified IDM and its associated ASDM Launcher application to increase the upper memory
limit that Java VM uses. With this change you can display and tune more signatures in IDM.
correctly display and edit the additional values allowed in the Retired parameter field of a signature. We
have also modified IDM and its associated ASDM Launcher application to increase the upper memory
limit that Java VM uses. With this change you can display and tune more signatures in IDM.
Note
We recommend that ASDM users upgrade to ASDM 6.3 or later. The Java VM upper memory limit of
ASDM 6.3 has been increased. Older versions of ASDM may not have enough available memory for
IDM7.0(3) to function properly.
ASDM 6.3 has been increased. Older versions of ASDM may not have enough available memory for
IDM7.0(3) to function properly.
Note
After upgrading to the E4 signature engine, disconnect and restart any open IDM sessions to make sure
that your system downloads and uses the latest IDM application from the sensor.
that your system downloads and uses the latest IDM application from the sensor.
For More Information
For more information about the new values allowed in the Retired parameter for a signature, see
IPv6, Switches, and Lack of VACL Capture
VACLs on Catalyst switches do not have IPv6 support. The most common method for copying traffic to
a sensor configured in Promiscuous mode is to use VACL capture. If you want to have IPv6 support, you
can use SPAN ports.
a sensor configured in Promiscuous mode is to use VACL capture. If you want to have IPv6 support, you
can use SPAN ports.
However, you can only configure up to two monitor sessions on a switch unless you use the following
configuration:
configuration:
•
Monitor session
•
Multiple trunks to one or more sensors
•
Restrict per trunk port which VLANs are allowed to perform monitoring of many VLANs to more
than two different sensors or virtual sensors within one IPS
than two different sensors or virtual sensors within one IPS