Cisco Cisco IPS 4255 Sensor
25
Release Notes for Cisco Intrusion Prevention System 7.0(4)E4
OL-22789-01
Cisco Security Intelligence Operations
Recovery Partition Version 1.1 - 7.0(4)E4
Host Certificate Valid from: 07-Jan-2011 to 07-Jan-2013
sensor#
Cisco Security Intelligence Operations
The Cisco Security Intelligence Operations site on Cisco.com provides intelligence reports about current
vulnerabilities and security threats. It also has reports on other security topics that help you protect your
network and deploy your security systems to reduce organizational risk.
vulnerabilities and security threats. It also has reports on other security topics that help you protect your
network and deploy your security systems to reduce organizational risk.
You should be aware of the most recent security threats so that you can most effectively secure and
manage your network. Cisco Security Intelligence Operations contains the top ten intelligence reports
listed by date, severity, urgency, and whether there is a new signature available to deal with the threat.
manage your network. Cisco Security Intelligence Operations contains the top ten intelligence reports
listed by date, severity, urgency, and whether there is a new signature available to deal with the threat.
Cisco Security Intelligence Operations contains a Security News section that lists security articles of
interest. There are related security tools and links.
interest. There are related security tools and links.
You can access Cisco Security Intelligence Operations at this URL:
Cisco Security Intelligence Operations is also a repository of information for individual signatures,
including signature ID, type, structure, and description.
including signature ID, type, structure, and description.
You can search for security alerts and signatures at this URL:
Restrictions and Limitations
The following restrictions and limitations apply to Cisco IPS 7.0(4)E4 software and the products that
run it:
run it:
•
For IPS 5.0 and later, you can no longer remove the cisco account. You can disable it using the no
password cisco command, but you cannot remove it. To use the no password cisco command, there
must be another administrator account on the sensor. Removing the cisco account through the
service account is not supported. If you remove the cisco account through the service account, the
sensor most likely will not boot up, so to recover the sensor you must reinstall the sensor system
image.
password cisco command, but you cannot remove it. To use the no password cisco command, there
must be another administrator account on the sensor. Removing the cisco account through the
service account is not supported. If you remove the cisco account through the service account, the
sensor most likely will not boot up, so to recover the sensor you must reinstall the sensor system
image.
•
TACACS+ authentication is not supported in IPS 7.0(4)E4.
•
RADIUS Authentication
–
Make sure you have a RADIUS server already configured before you configure RADIUS
authentication on the sensor. IPS 7.0(4) has been tested with CiscoSecure ACS 4.2 servers.
Refer to your RADIUS server documentation for information on how to set up a RADIUS
server.
authentication on the sensor. IPS 7.0(4) has been tested with CiscoSecure ACS 4.2 servers.
Refer to your RADIUS server documentation for information on how to set up a RADIUS
server.
–
If the sensor is not configured to use a default user role and the sensor user role information in
not in the Accept Message of the CiscoSecure ACS server, the sensor rejects RADIUS
authentication even if the CiscoSecure ACS server accepts the username and password.
not in the Accept Message of the CiscoSecure ACS server, the sensor rejects RADIUS
authentication even if the CiscoSecure ACS server accepts the username and password.