Cisco Cisco IPS 4520 Sensor Libro bianco
51
Intrusion Prevention
August 2012 Series
51
Step 8:
On the Traffic Inspection Mode page, select
Promiscuous
, and then
click
Next
.
Step 9:
On the Interface Selection page, in the
Select Interface
drop-down
list, select
GigabitEthernet0/0
, and then click
Next
.
Step 10:
On the Virtual Sensors page, review the configuration, and then
click
Next.
Step 11:
In this step, you will configure the IPS device to automatically
pull updates from Cisco.com. On the Auto Update page, select the
Enable
Signature and Engine Updates
option. Provide a valid cisco.com username
and password that holds entitlement to download IPS software updates.
Select
Select
Daily
, enter a time between 12:00 AM and 4:00 AM for the update
Start Time
, and then select
Every Day
. Click
Finish
Step 12:
When asked to confirm configuration changes, click
Yes
.
Step 13:
If a message indicates that a reboot is required, click
OK.
Procedure 5
Add additional sensing interfaces
Because the appliance has multiple physical interfaces, more than one
can be used to inspect traffic (either in inline or promiscuous mode). In this
deployment, you will assign an additional interface on the appliance to be
used for promiscuous mode as a resilient interface on the other switch in the
switch stack.
can be used to inspect traffic (either in inline or promiscuous mode). In this
deployment, you will assign an additional interface on the appliance to be
used for promiscuous mode as a resilient interface on the other switch in the
switch stack.
Step 1:
In the IPS configuration pane of ASDM (or in IDM itself), navigate to
Configuration > Interfaces > Interfaces
.
Step 2:
Select interface
GigabitEthernet 0/1
, and then click
Enable
.
Step 3:
Click
Apply
.
Step 4:
Navigate to
Configuration > Policies > IPS Policies
.
Step 5:
Right click
vs0
, and then select
Edit
.