Cisco Cisco IPS 4255 Sensor

Cisco IPS 6.1(1)E2 includes the following new features:

IPS sensor enhancements

Automatic signature updates from Cisco.com

Sensor and security health statistics

Simplified initialization using the setup command

Unauthenticated NTP

Improved upgrade status information

Support of inline asymmetric traffic

Password integrity service

Cisco Intrusion Prevention System Manager Express (IME)

Real-time and historical events monitoring

Health-monitoring console

Integrated configuration

Customizable dashboards

Tools (ping, traceroute, whois, DNS lookup)

RSS feeds

Video help

Reporting

Enhanced IDM

Startup wizard

Health monitoring improvements

Customizable dashboards

Improved policy and signature tables

User interface performance improvements

In earlier 6.0 releases, a manual workaround was available to support inline asymmetric traffic. In 
the IPS 6.1(1)E1 release, you can enable inline asymmetric traffic using the CLI or IDM. If you used 
the workaround to enable asymmetric traffic, remove the manual setting in the CLI, and reenable 
asymmetric traffic.

If you do not remove the manual entry in the sensorApp.conf file, you will receive the 
following main.log warning each time you reboot the sensor: 

NormalizerSettings in 

sensorApp.conf (AsynchMode and AsymmetricFlows) have been removed. Use Service 

AnalysisEngine - VS - inline-TCP-evasion-protection-mode.

The legacy RDEP Event Server, used by IDS versions 4.x to communicate events, is not enabled by 
default in this release. You can enable RDEP Event Server subscriptions in IDM or IME. We 
recommend you migrate to SDEE/CIDEE because the RDEP Event Server is not supported in future 
releases.