Cisco Cisco IPS 4255 Sensor
6
Release Notes for Cisco Intrusion Prevention System 6.0(4a)E1
OL-8872-02
MySDN Decommissioned
After you add the Asymmetric flag, reboot the sensor.
To verify that the Asymmetric mode processing has been enabled, run traffic through the inline
sensor and verify that TCP packets pass through the system unaltered and not reordered. You can
also verify Asymmetric mode processing in the TCP Normalizer stage statistics. Verify that the
number of Current Streams is increasing, but the number of Closed, Closing, Embryonic, and
Established streams are all 0:
sensor and verify that TCP packets pass through the system unaltered and not reordered. You can
also verify Asymmetric mode processing in the TCP Normalizer stage statistics. Verify that the
number of Current Streams is increasing, but the number of Closed, Closing, Embryonic, and
Established streams are all 0:
Current Streams = 1630
Current Streams Closed = 0
Current Streams Closing = 0
Current Streams Embryonic = 0
Current Streams Established = 0
•
Ability to enable and disable CDP forwarding
Log in to the service account and in the /usr/cids/idsRoot/etc/interface.conf file, change
cdp-mode=block
to
cdp-mode=forward
.
Save your changes to the interface.conf file, and reboot the sensor.
For More Information
For more information on the Normalizer engine, refer to
MySDN Decommissioned
Because MySDN has been decommissioned, the URL in older versions of IDM and IME is no longer
functional. If you are using IPS 6.0 or later, we recommend that you upgrade your version of IDM and
IME.
functional. If you are using IPS 6.0 or later, we recommend that you upgrade your version of IDM and
IME.
You can upgrade to the following versions to get the functioning MySDN URL:
•
IDM 7.0.3
•
IME 7.0.3
•
IPS 7.0(4), which contains IDM 7.0.4
If you are using version IPS 5.x, you must look up signature information manually at this URL:
For More Information