Cisco Systems ASA 5580 Manual De Usuario
31-4
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 31 Configuring the ASA IPS Module
Information About the ASA IPS Module
Figure 31-3
Security Contexts and Virtual Sensors
shows a single mode ASA paired with multiple virtual sensors (in inline mode); each defined
traffic flow goes to a different sensor.
Figure 31-4
Single Mode ASA with Multiple Virtual Sensors
Information About Management Access
You can manage the IPS application using the following methods:
•
Sessioning to the module from the ASA—If you have CLI access to the ASA, then you can session
to the module and access the module CLI. See the
to the module and access the module CLI. See the
•
Connecting to the IPS management interface using ASDM or SSH—After you launch ASDM from
the ASA, your management station connects to the module management interface to configure the
IPS application. For SSH, you can access the module CLI directly on the module management
interface. (Telnet access requires additional configuration in the module application). The module
management interface can also be used for sending syslog messages or allowing updates for the
module application, such as signature database updates.
the ASA, your management station connects to the module management interface to configure the
IPS application. For SSH, you can access the module CLI directly on the module management
interface. (Telnet access requires additional configuration in the module application). The module
management interface can also be used for sending syslog messages or allowing updates for the
module application, such as signature database updates.
ASA
Main System
IPS
Sensor
1
Context
1
Context
2
Context
3
Sensor
2
251
1
60
Sensor
1
Sensor
2
Sensor
3
ASA
Main System
IPS
Traffic 1
Traffic 2
Traffic 3
251
159