Cisco Cisco IPS 4255 Sensor Notas de publicación
31
Release Notes for Cisco Intrusion Prevention System 7.0(2)E4
OL-21671-01
Restrictions and Limitations
To export event data from IEV 5.x to a local file:
Step 1
From IEV 5.x, choose File > Database Administration > Export Database Tables.
Step 2
Enter the file name and select the table(s).
Step 3
Click OK. The events in the selected table(s) are exported to the specified local file.
Importing IEV Event Data In to the IME
To import event data in to the IME, follow these steps:
Step 1
From the IME, choose File > Import.
Step 2
Select the file exported from IEV 5.x and click Open. The contents of the selected file are imported in
to the IME.
to the IME.
For More Information
For more information about Cisco IME, refer to
Restrictions and Limitations
The following restrictions and limitations apply to Cisco IPS 7.0(2)E4 software and the products that
run it:
run it:
•
For IPS 5.0 and later, you can no longer remove the cisco account. You can disable it using the no
password cisco command, but you cannot remove it. To use the no password cisco command, there
must be another administrator account on the sensor. Removing the cisco account through the
service account is not supported. If you remove the cisco account through the service account, the
sensor most likely will not boot up, so to recover the sensor you must reinstall the sensor system
image.
password cisco command, but you cannot remove it. To use the no password cisco command, there
must be another administrator account on the sensor. Removing the cisco account through the
service account is not supported. If you remove the cisco account through the service account, the
sensor most likely will not boot up, so to recover the sensor you must reinstall the sensor system
image.
•
Anomaly detection does not support IPv6 traffic; only IPv4 traffic is directed to the anomaly
detection processor.
detection processor.
•
IPv6 does not support the following event actions: Request Block Host, Request Block Connection,
or Request Rate Limit.
or Request Rate Limit.
•
The AIM IPS and the NME IPS do not support the IPv6 features, because the router in which they
are installed does not send them IPv6 data. IPv6 inspection may work on IDSM2, but we do not
officially support it. There is no support for IPv6 on the management (command and control)
interface.
are installed does not send them IPv6 data. IPv6 inspection may work on IDSM2, but we do not
officially support it. There is no support for IPv6 on the management (command and control)
interface.
•
VACLs on Catalyst switches do not have IPv6 support. The most common method for copying traffic
to a sensor configured in Promiscuous mode is to use VACL capture. If you want to have IPv6
support, you can use SPAN ports.
to a sensor configured in Promiscuous mode is to use VACL capture. If you want to have IPv6
support, you can use SPAN ports.
•
ICMP signature engines do not support ICMPv6, they are IPv4-specific, for example, the Traffic
ICMP signature engine. ICMPv6 is covered by the Atomic IP Advanced signature engine.
ICMP signature engine. ICMPv6 is covered by the Atomic IP Advanced signature engine.
•
The AIM IPS and the NME IPS do not support virtualization.