Cisco Cisco IPS 4255 Sensor Notas de publicación
5
Release Notes for Cisco Intrusion Prevention System 6.1(2)E3
OL-18881-01
New and Changed Information
Cisco Security Intelligence Operations is also a repository of information for individual signatures,
including signature ID, type, structure, and description.
including signature ID, type, structure, and description.
You can search for security alerts and signatures at this URL:
New and Changed Information
Cisco IPS 6.1(2)E3 includes the following new features:
•
10-Gigabit Ethernet support
IPS 6.1(2)E3 provides support for a 10-Gigabit Ethernet network interface card for the IPS 4260 and
IPS 4270-20.
IPS 4270-20.
•
Migration of current health monitor information during upgrades
IPS 6.1(2)E3 modifies the upgrade scripts to migrate the current health monitor information during
upgrades. IPS 6.1(1) added the health monitor feature so you can monitor the health and welfare of
the sensor. You can enable or disable the various metrics and tune the parameters to tailor the
metrics to your own needs. This information is now preserved during the upgrade to IPS 6.1(2)E3.
upgrades. IPS 6.1(1) added the health monitor feature so you can monitor the health and welfare of
the sensor. You can enable or disable the various metrics and tune the parameters to tailor the
metrics to your own needs. This information is now preserved during the upgrade to IPS 6.1(2)E3.
•
Preservation of old passwords during upgrades
IPS 6.1(2)E3 modifies the upgrade scripts to migrate the opasswd file during upgrades. The
/etc/security/opasswd file preserves a specified number of previous passwords to disallow use of old
passwords. The old passwords are now preserved during an upgrade to IPS 6.1(2)E3.
/etc/security/opasswd file preserves a specified number of previous passwords to disallow use of old
passwords. The old passwords are now preserved during an upgrade to IPS 6.1(2)E3.
•
Kernel configured to reboot on kernel panic
In previous releases, if a hardware or driver level software issue caused a sensor kernel panic, the
sensor was left in an unresponsive state, meaning you could not log in to the service account. In IPS
6.1(2)E3, if a sensor kernel panic occurs, the sensor reboots.
sensor was left in an unresponsive state, meaning you could not log in to the service account. In IPS
6.1(2)E3, if a sensor kernel panic occurs, the sensor reboots.
•
The E3 signature engine update contains changes from CSCsu77935
The resolution of this defect modified the idle time algorithm of the sensor by applying additional
CPU to polling of the NICs to decrease the polling interval and reduce latency. This results in the
CPU usage being reported higher than in previous releases, including using external tools such as
top and ps.
CPU to polling of the NICs to decrease the polling interval and reduce latency. This results in the
CPU usage being reported higher than in previous releases, including using external tools such as
top and ps.
You can notice this additional CPU load on single-CPU platforms, as well as the primary CPU of
multi-core systems. Since the additional CPU load that is reported while polling is actually available
to process packets, and reduces as inspection load goes up, it does not negatively affect the overall
throughput of the IPS.
multi-core systems. Since the additional CPU load that is reported while polling is actually available
to process packets, and reduces as inspection load goes up, it does not negatively affect the overall
throughput of the IPS.
The best indication of sensor load is shown under the Processing Load Percentage section in the
show statistics virtual-sensor command output and on the IME Home Page.
show statistics virtual-sensor command output and on the IME Home Page.
For More Information
For the procedure for obtaining information about sensor health, for the CLI refer to
for IDM refer to
for IME refer to