Cisco Cisco IPS 4255 Sensor 릴리즈 노트
4
Release Notes for Cisco Intrusion Prevention System 5.1(8)E2
OL-20154-01
ROMMON and TFTP
•
Sambar 6.0 (Windows 2000)
•
Serv-U 5.0 (Windows 2000)
•
MS IIS 5.0 (Windows 2000)
The following HTTP/HTTPS servers are supported for IPS software updates:
•
VMS - Apache Server (Tomcat)
•
VMS - Apache Server (JRun)
Note
The sensor cannot download software updates from Cisco.com. You must download the software update
from Cisco.com to your FTP server, and then configure the sensor to download them from your FTP
server.
from Cisco.com to your FTP server, and then configure the sensor to download them from your FTP
server.
ROMMON and TFTP
ROMMON uses TFTP to download an image and launch it. TFTP does not address network issues such
as latency or error recovery. It does implement a limited packet integrity check so that packets arriving
in sequence with the correct integrity value have an extremely low probability of error. But TFTP does
not offer pipelining so the total transfer time is equal to the number of packets to be transferred times
the network average RTT. Because of this limitation, we recommend that the TFTP server be located on
the same LAN segment as the sensor. Any network with an RTT less than a 100 milliseconds should
provide reliable delivery of the image. Be aware that some TFTP servers limit the maximum file size that
can be transferred to ~32 MB.
as latency or error recovery. It does implement a limited packet integrity check so that packets arriving
in sequence with the correct integrity value have an extremely low probability of error. But TFTP does
not offer pipelining so the total transfer time is equal to the number of packets to be transferred times
the network average RTT. Because of this limitation, we recommend that the TFTP server be located on
the same LAN segment as the sensor. Any network with an RTT less than a 100 milliseconds should
provide reliable delivery of the image. Be aware that some TFTP servers limit the maximum file size that
can be transferred to ~32 MB.
For More Information
•
For the procedure for downloading IPS software from Cisco.com, see
•
For the procedure for configuring automatic updates, refer to
.
IPS Management and Event Viewers
Use IDM, ASDM, or the CLI to configure 5.1(8)E2 sensors.
Note
You cannot use IDS MC 2.0 to configure 5.1(8)E2 sensors. Support for 5.1(8)E2 sensors is being added
to IDS MC 2.1
to IDS MC 2.1
Use the following tools for monitoring 5.1(8)E2 sensors:
•
Security Monitor 2.0.1
•
CTR 2.1
•
IEV 5.2
•
Protego PN-MARS 3.3.3