Cisco Cisco IPS 4255 Sensor 릴리즈 노트
4
Release Notes for Cisco Intrusion Prevention System 6.0(1)E1
OL-8827-01
ROMMON and TFTP
ROMMON and TFTP
ROMMON uses TFTP to download an image and launch it. TFTP does not address network issues such
as latency or error recovery. It does implement a limited packet integrity check so that packets arriving
in sequence with the correct integrity value have an extremely low probability of error. But TFTP does
not offer pipelining so the total transfer time is equal to the number of packets to be transferred times
the network average RTT. Because of this limitation, we recommend that the TFTP server be located on
the same LAN segment as the sensor. Any network with an RTT less than a 100 milliseconds should
provide reliable delivery of the image. Be aware that some TFTP servers limit the maximum file size that
can be transferred to ~32 MB.
as latency or error recovery. It does implement a limited packet integrity check so that packets arriving
in sequence with the correct integrity value have an extremely low probability of error. But TFTP does
not offer pipelining so the total transfer time is equal to the number of packets to be transferred times
the network average RTT. Because of this limitation, we recommend that the TFTP server be located on
the same LAN segment as the sensor. Any network with an RTT less than a 100 milliseconds should
provide reliable delivery of the image. Be aware that some TFTP servers limit the maximum file size that
can be transferred to ~32 MB.
For More Information
•
For the procedure for downloading IPS software updates from Cisco.com, refer to
•
For the procedure for configuring automatic updates, refer to
.
IPS Management and Event Viewers
Use the following tools for configuring IPS 6.0(1)E1 sensors:
•
IDM 6.0
•
IPS CLI 6.0
•
ASDM 5.2
•
CSM 3.1
Use the following tools for monitoring 6.0(1)E1 sensors:
•
MARS 4.2 and 4.3(1)
•
IEV 5.2
•
CSM 4.0
Note
Viewers that are already configured to monitor the 5.x sensors may need to be configured to
accept a new SSL certificate for the 6.0(1)E1 sensors.
accept a new SSL certificate for the 6.0(1)E1 sensors.
Cisco Security Intelligence Operations
The Cisco Security Intelligence Operations site on Cisco.com provides intelligence reports about current
vulnerabilities and security threats. It also has reports on other security topics that help you protect your
network and deploy your security systems to reduce organizational risk.
vulnerabilities and security threats. It also has reports on other security topics that help you protect your
network and deploy your security systems to reduce organizational risk.
You should be aware of the most recent security threats so that you can most effectively secure and
manage your network. Cisco Security Intelligence Operations contains the top ten intelligence reports
listed by date, severity, urgency, and whether there is a new signature available to deal with the threat.
manage your network. Cisco Security Intelligence Operations contains the top ten intelligence reports
listed by date, severity, urgency, and whether there is a new signature available to deal with the threat.
Cisco Security Intelligence Operations contains a Security News section that lists security articles of
interest. There are related security tools and links.
interest. There are related security tools and links.