Release Notes for Cisco Intrusion Prevention System 7.1(1)E4
OL-19894-01
Traffic Flow Stopped with Fail-Open Policy on IPS Switchports
Problem
Traffic on any port located on the ASA 5585-X IPS SSP (1/x) no longer passes through the 
adaptive security appliance when the ASA 5585-X IPS SSP is reset or shut down. This affects all traffic through 
these ports regardless of whether or not the traffic would have been monitored by the IPS. The 
ports lose link when the ASA 5585-X IPS SSP is reset or shut down.
Possible Cause
Using the ports located on the ASA 5585-X IPS SSP (1/x), and resetting or shutting 
down the ASA 5585-X IPS SSP via any mechanism.
Solution
Use the ports on the adaptive security appliance (0/x) instead because those ports do not lose 
their link when the ASA 5585-X IPS SSP is reset or shut down.
ASA IPS 5585-X and Jumbo Packet Frame Size
Refer to the following URL for information about the jumbo packet frame size for the ASA modules:
Note
A jumbo frame is an Ethernet packet that is larger than the standard maximum of 1518 bytes (including 
Layer 2 header and FCS).
ASA IPS 5585-X and Jumbo Packets
The jumbo packet count in the show interface command output, from the lines 
Total Jumbo Packets Received and Total Jumbo Packets Transmitted, for ASA IPS modules may be larger than expected 
due to some packets that were almost jumbo size on the wire being counted as jumbo size by the IPS. 
This miscount is a result of header bytes added to the packet by the ASA before the packet is transmitted 
to the IPS. For IPv4, 58 bytes of header data are added. For IPv6, 78 bytes of header data are added. The 
ASA removes the added IPS header before the packet leaves the ASA.
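The following is an added worked example, not code from the Cisco release notes. It models the overcount described above: the ASA prepends 58 bytes (IPv4) or 78 bytes (IPv6) of header before handing a frame to the IPS, so frames that are just under the 1518-byte maximum on the wire cross the jumbo threshold by the time the IPS counts them. The example assumes the IPS applies the same "larger than 1518 bytes" test to the frame as it receives it (header included); the sample frame list is constructed. It computes the band of wire-side frame sizes that get overcounted and reconciles the counter an IPS would report against the true jumbo count, which is what you would do before treating an unexpectedly high Total Jumbo Packets Received value as a problem.

```python
# Added example (not from the Cisco release notes): reconcile the IPS jumbo
# packet counter against wire-side frame sizes, given the header the ASA adds.

STANDARD_MAX_FRAME = 1518          # bytes, including L2 header and FCS (from the note)
IPS_HEADER_BYTES = {4: 58, 6: 78}  # header bytes the ASA adds per IP version (from the note)


def is_jumbo_on_wire(frame_len: int) -> bool:
    """A frame is jumbo when it exceeds the standard 1518-byte maximum."""
    return frame_len > STANDARD_MAX_FRAME


def is_counted_jumbo_by_ips(frame_len: int, ip_version: int) -> bool:
    """Assumption: the IPS applies the same 1518-byte threshold to the frame
    after the ASA has added its header, which is what produces the overcount."""
    return frame_len + IPS_HEADER_BYTES[ip_version] > STANDARD_MAX_FRAME


def overcounted_wire_sizes(ip_version: int) -> range:
    """Wire-side frame sizes that are not jumbo but that the IPS counts as jumbo."""
    low = STANDARD_MAX_FRAME - IPS_HEADER_BYTES[ip_version] + 1
    return range(low, STANDARD_MAX_FRAME + 1)


def reconcile_jumbo_counts(frames):
    """frames: iterable of (wire_frame_len, ip_version).
    Returns (true_jumbo, ips_reported_jumbo, overcount)."""
    true_jumbo = 0
    ips_jumbo = 0
    for frame_len, ver in frames:
        if is_jumbo_on_wire(frame_len):
            true_jumbo += 1
        if is_counted_jumbo_by_ips(frame_len, ver):
            ips_jumbo += 1
    return true_jumbo, ips_jumbo, ips_jumbo - true_jumbo


# Constructed sample capture: (wire frame length in bytes, IP version)
SAMPLE_FRAMES = [
    (1400, 4),  # 1400 + 58 = 1458: under the limit both on the wire and at the IPS
    (1461, 4),  # 1461 + 58 = 1519: not jumbo on the wire, counted as jumbo by the IPS
    (1518, 4),  # exactly the maximum: not jumbo on the wire, jumbo to the IPS
    (1440, 6),  # 1440 + 78 = 1518: not jumbo to the IPS either
    (1441, 6),  # 1441 + 78 = 1519: counted as jumbo by the IPS
    (9000, 4),  # a genuine jumbo frame
]

if __name__ == "__main__":
    for ver in (4, 6):
        band = overcounted_wire_sizes(ver)
        print(f"IPv{ver}: wire sizes {band.start}..{band.stop - 1} bytes "
              f"({len(band)} sizes) are overcounted as jumbo")
    true_jumbo, reported, over = reconcile_jumbo_counts(SAMPLE_FRAMES)
    print(f"true jumbo={true_jumbo}, IPS-reported jumbo={reported}, overcount={over}")
```

For the constructed sample the IPS counter reads 4 while only one frame is actually jumbo; the three extra hits all fall inside the 1461..1518 (IPv4) or 1441..1518 (IPv6) bands, which is the signature of the behaviour the note describes rather than of jumbo traffic on the wire.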
Importing a New SSL Certificate
Import the new SSL certificate for the new sensor to each tool being used to monitor the new sensor.
For More Information
For the procedures for configuring TLS/SSL, for the CLI refer to , for the IDM refer to , and for the IME refer to .
Cisco Security Intelligence Operations
The Cisco Security Intelligence Operations site on Cisco.com provides intelligence reports about current 
vulnerabilities and security threats. It also has reports on other security topics that help you protect your 
network and deploy your security systems to reduce organizational risk.