Cisco Cisco IPS 4255 Sensor
5
Release Notes for Cisco Intrusion Prevention System 6.1(1)E2
OL-19696-01
New and Changed Information
New and Changed Information
Cisco IPS 6.1(1)E2 includes the following new features:
•
IPS sensor enhancements
–
Automatic signature updates from Cisco.com
–
Sensor and security health statistics
–
Simplified initialization using the setup command
–
Unauthenticated NTP
–
Improved upgrade status information
–
Support of inline asymmetric traffic
–
Password integrity service
•
Cisco Intrusion Prevention System Manager Express (IME)
–
Real-time and historical events monitoring
–
Health-monitoring console
–
Integrated configuration
–
Customizable dashboards
–
Tools (ping, traceroute, whois, DNS lookup)
–
RSS feeds
–
Video help
–
Reporting
•
Enhanced IDM
–
Startup wizard
–
Health monitoring improvements
–
Customizable dashboards
–
Improved policy and signature tables
–
User interface performance improvements
•
In earlier 6.0 releases, a manual workaround was available to support inline asymmetric traffic. In
the IPS 6.1(1)E1 release, you can enable inline asymmetric traffic using the CLI or IDM. If you used
the workaround to enable asymmetric traffic, remove the manual setting in the CLI, and reenable
asymmetric traffic.
the IPS 6.1(1)E1 release, you can enable inline asymmetric traffic using the CLI or IDM. If you used
the workaround to enable asymmetric traffic, remove the manual setting in the CLI, and reenable
asymmetric traffic.
Note
If you do not remove the manual entry in the sensorApp.conf file, you will receive the
following main.log warning each time you reboot the sensor:
following main.log warning each time you reboot the sensor:
NormalizerSettings in
sensorApp.conf (AsynchMode and AsymmetricFlows) have been removed. Use Service
AnalysisEngine - VS - inline-TCP-evasion-protection-mode.
•
The legacy RDEP Event Server, used by IDS versions 4.x to communicate events, is not enabled by
default in this release. You can enable RDEP Event Server subscriptions in IDM or IME. We
recommend you migrate to SDEE/CIDEE because the RDEP Event Server is not supported in future
releases.
default in this release. You can enable RDEP Event Server subscriptions in IDM or IME. We
recommend you migrate to SDEE/CIDEE because the RDEP Event Server is not supported in future
releases.