Cisco Cisco IPS 4255 Sensor 릴리즈 노트
32
Release Notes for Cisco Intrusion Prevention System 5.1(8)E2
OL-20154-01
Connecting IPS-4240 to a Cisco 7200 Series Router
•
IDM does not support any non-English characters, such as the German umlaut or any other special
language characters. If you enter such characters as a part of an object name through IDM, they are
turned into something unrecognizable and you will not be able to delete or edit the resulting object
through IDM or the CLI.
language characters. If you enter such characters as a part of an object name through IDM, they are
turned into something unrecognizable and you will not be able to delete or edit the resulting object
through IDM or the CLI.
This is true for any string that is used by CLI as an identifier, for example, names of time periods,
inspect maps, server and URL lists, and interfaces.
inspect maps, server and URL lists, and interfaces.
•
You can only install eight IDSM-2s per switch chassis.
•
Do not confuse Cisco IOS IDS (a software-based intrusion-detection application that runs in the
Cisco IOS) with the IPS that runs on the NM-CIDS. The NM-CIDS runs Cisco IPS 5.1(8)E2.
Because performance can be reduced and duplicate alarms can be generated, we recommend that
you do not run Cisco IOS IDS and Cisco IPS 5.1(8)E2 simultaneously.
Cisco IOS) with the IPS that runs on the NM-CIDS. The NM-CIDS runs Cisco IPS 5.1(8)E2.
Because performance can be reduced and duplicate alarms can be generated, we recommend that
you do not run Cisco IOS IDS and Cisco IPS 5.1(8)E2 simultaneously.
•
Only one NM-CIDS is supported per Cisco 2600, 2811, 2821 2851, 3825, 3845, and 3700 series
router.
router.
•
Jumbo frames are not supported on the NM-CIDS.
•
After you upgrade any IPS software on your sensor, you must restart the IDM to see the latest
software features.
software features.
•
The HTML-based IDM has been replaced with a Java applet.
•
You cannot use IDS MC 2.0 to configure 5.1(8)E2 sensors. Support for 5.1(8)E2 sensors is being
added to IDS MC 2.1.
added to IDS MC 2.1.
•
When SensorApp is reconfigured there is a short period when SensorApp is unable to respond to any
queries. Wait a few minutes after reconfiguration is complete before querying SensorApp for
additional information.
queries. Wait a few minutes after reconfiguration is complete before querying SensorApp for
additional information.
Connecting IPS-4240 to a Cisco 7200 Series Router
When an IPS-4240 is connected directly to a 7200 series router and both the IPS-4240 and the router
interfaces are hard-coded to speed 100 with duplex Full, the connection does not work. If you set
IPS-4240 to speed Auto and duplex Auto, it connects to the router but only at speed 100 and duplex Half.
interfaces are hard-coded to speed 100 with duplex Full, the connection does not work. If you set
IPS-4240 to speed Auto and duplex Auto, it connects to the router but only at speed 100 and duplex Half.
To connect correctly at speed 100 and duplex Full, set the interfaces of both IPS-4240 and the router to
speed Auto and duplex Auto. Also, if either interface is hard-coded, you must make the connection using
a crossover cable.
speed Auto and duplex Auto. Also, if either interface is hard-coded, you must make the connection using
a crossover cable.
Recovering the Password
The following password recovery options exist:
•
If another Administrator account exists, the other Administrator can change the password.
•
If a Service account exists, you can log in to the service account and switch to user root using the
command su - root. Use the password command to change the CLI Administrator account’s
password. For example, if the Administrator username is “adminu,” the command is password
adminu. You are prompted to enter the new password twice.
command su - root. Use the password command to change the CLI Administrator account’s
password. For example, if the Administrator username is “adminu,” the command is password
adminu. You are prompted to enter the new password twice.
•
You can reimage the sensor using either the recovery partition or a system image file.