Cisco Cisco IPS 4345 Sensor
56
Release Notes for Cisco Intrusion Prevention System 7.1(4)E4
OL-25389-01
Cisco Security Intelligence Operations
For More Information
Cisco Security Intelligence Operations
The Cisco Security Intelligence Operations site on Cisco.com provides intelligence reports about current
vulnerabilities and security threats. It also has reports on other security topics that help you protect your
network and deploy your security systems to reduce organizational risk.
vulnerabilities and security threats. It also has reports on other security topics that help you protect your
network and deploy your security systems to reduce organizational risk.
You should be aware of the most recent security threats so that you can most effectively secure and
manage your network. Cisco Security Intelligence Operations contains the top ten intelligence reports
listed by date, severity, urgency, and whether there is a new signature available to deal with the threat.
manage your network. Cisco Security Intelligence Operations contains the top ten intelligence reports
listed by date, severity, urgency, and whether there is a new signature available to deal with the threat.
Cisco Security Intelligence Operations contains a Security News section that lists security articles of
interest. There are related security tools and links.
interest. There are related security tools and links.
You can access Cisco Security Intelligence Operations at this URL:
Cisco Security Intelligence Operations is also a repository of information for individual signatures,
including signature ID, type, structure, and description.
including signature ID, type, structure, and description.
You can search for security alerts and signatures at this URL:
Restrictions and Limitations
The following restrictions and limitations apply to Cisco IPS 7.1(4)E4 software and the products that
run it:
run it:
•
On the IPS 4510 and IPS 4520, no interface-related configurations are allowed when the SensorApp
is down.
is down.
•
When the IPS 4510 and IPS 4520 are configured in VLAN pairs, the packet display command does
not work without the VLAN option if the expression keyword is also used.
not work without the VLAN option if the expression keyword is also used.
•
The IPS 4510 and IPS 4520 take about 10 to 15 seconds longer to boot up as compared to the
IPS 4270-20.
IPS 4270-20.
•
On the IPS 4270-20, rx/tx flow control is disabled. This is a change from IPS 7.0 where rx/tx flow
control is enabled by default.
control is enabled by default.
•
The memory usage statistics on the sensor will always show a high value, because the SensorApp
reserves the entire memory with the exception of about 2 GB. This makes the memory management
more efficient.
reserves the entire memory with the exception of about 2 GB. This makes the memory management
more efficient.
•
For the ASA 5585-X IPS SSP, IPS 4510, and IPS 4520, when monitored through the IDM or the
IME, the CPU usage is always shown as 100% even when no traffic is being inspected. This is due
to the SensorApp threads continuously polling the Regex accelerator card queues to get the packets
for processing. You can obtain the actual inspection load by using the following command:
IME, the CPU usage is always shown as 100% even when no traffic is being inspected. This is due
to the SensorApp threads continuously polling the Regex accelerator card queues to get the packets
for processing. You can obtain the actual inspection load by using the following command:
sensor# show statistics virtual-sensor | in Load
Processing Load Percentage = 1
•
The show interface command output for the IPS 4510 and IPS 4520 does not include the total
undersize packets or total transmit FIFO overruns.
undersize packets or total transmit FIFO overruns.