Cisco IPS 4255 Sensor
Release Notes for Cisco Intrusion Prevention System 5.1(7)E1
OL-8492-01
New and Changed Information
Note
If you are using these tools to monitor 5.1(7)E1 sensors, add the sensors to the configuration
as if they were 4.1 sensors. You cannot view the new fields in 5.1(7)E1 alerts in these alarm
viewers until they have been upgraded to accommodate the new fields in 5.1(7)E1. Security
Monitor 2.1 is being upgraded to display the fields in 5.1(7)E1 alerts.
Note
Viewers that are already configured to monitor the 4.x sensors may need to be configured to
accept a new SSL certificate for the 5.1(7)E1 sensors.
For More Information
For the procedure for configuring a new SSL certificate, for the CLI, refer to
, and for
.
New and Changed Information
Cisco IPS 5.1(7)E1 contains the following new features:
• IPS 5.1(7)E1 has a new file naming system.
• IPS-4260 supports hardware bypass.
IPS-4260 supports the Intel 4-port PCI-Express card with hardware bypass. This PCI card supports
hardware bypass only between ports 0 and 1 and between ports 2 and 3. Hardware bypass
complements the existing software bypass feature in IPS 5.1(7)E1.
• Support for the Incident Control System (ICS).
The ICS service augments Cisco’s current IPS Signature Service by delivering more rapid and
focused response to breaking threats.
• Inline VLAN pairs
The sensor can perform inline sensing between one or more VLAN pairs on a single sensor interface.
Cisco Catalyst line cards that connect directly to the switch backplane and appliances that connect
to an external port of the switch can use this feature.
Note
For the IDSM-2, inline sensing is supported in Catalyst Software 8.5(1). You can install IPS
5.1(7)E1 on an IDSM-2 with an older version of Catalyst Software, but the inline VLAN
pairs feature does not work.
• Rate Limiting
A rate limit restricts the amount of a specified type of traffic that is allowed on a network device
interface to a percentage of maximum bandwidth capacity. Traffic that exceeds this percentage is
dropped by the network device. A rate limit can restrict traffic to a specified target host, or to all
traffic that crosses the configured interface/directions. You can rate limit permanently or for a
specified amount of time. A rate limit is identified by a protocol, an optional destination address,
and an optional data value.