Cisco Cisco IPS 4255 Sensor

Simplified initialization using the setup command

Unauthenticated NTP

Improved upgrade status information

Support of inline asymmetric traffic

Password integrity service

Cisco Intrusion Prevention System Manager Express (IME)

Real-time and historical events monitoring

Health-monitoring console

Integrated configuration

Customizable dashboards

Tools (ping, traceroute, whois, DNS lookup)

RSS feeds

Video help

Reporting

Enhanced IDM

Startup wizard

Health monitoring improvements

Customizable dashboards

Improved policy and signature tables

User interface performance improvements

In earlier 6.0 releases, a manual workaround was available to support inline asymmetric traffic. In 
the IPS 6.1(1)E1 release, you can enable inline asymmetric traffic using the CLI or IDM. If you used 
the workaround to enable asymmetric traffic, remove the manual setting in the CLI, and reenable 
asymmetric traffic.

If you do not remove the manual entry in the sensorApp.conf file, you will receive the 
following main.log warning each time you reboot the sensor: 

NormalizerSettings in 

sensorApp.conf (AsynchMode and AsymmetricFlows) have been removed. Use Service 

AnalysisEngine - VS - inline-TCP-evasion-protection-mode.

The legacy RDEP Event Server, used by IDS versions 4.x to communicate events, is not enabled by 
default in this release. You can enable RDEP Event Server subscriptions in IDM or IME. We 
recommend you migrate to SDEE/CIDEE because the RDEP Event Server is not supported in future 
releases.

IPS 6.1(1)E1 includes the S329 signature update. 

For more information on Inline TCP session tracking mode, refer to 

For the procedure for enabling inline TCP evasion protection mode, refer to 

.

For the procedure for enabling RDEP Event Server subscriptions, for the IDM procedure, refer to 

, and for the IME procedure, refer to