Cisco Cisco IPS 4360 Sensor 백서

43

Intrusion Prevention

August 2012 Series

43

The first step used to configure a Cisco ASA 5500 Series IPS Solution 
module is to session into the module from the firewall and set up basic 
networking such as IP address, gateway, and access lists in order to allow 
remote access to the GUI. Once the basic setup is complete, configuration 
is completed through a GUI such as Cisco ASA Security Device Manager 
(ASDM) or the Cisco IPS Manager Express. 

Configuring the Cisco IPS 4300/4500 Series appliance follows similar steps 
with the addition of one procedure where you configure the switch to copy 
packets to the sensor’s interface for inspection.

Use the following values when configuring IPS/IDS devices.

Location and mode

Internet edge IPS

Distribution IDS

Hostname

IPS-5545a&b

IDS-4300

IP Address

10.4.24.27&.28

10.4.32.171

Network Mask

255.255.255.224

255.255.255.192

Default Gateway

10.4.24.1

10.4.32.129

Location

Internet edge distribu-
tion switch

WAN aggregation 
distribution switch

Deploying IPS

1.  Configure LAN switch access port

2.  Initialize the IPS module

3.  Complete the initial setup

4.  Complete the startup wizard

5.  Add additional sensing interfaces

6.  Modify the inline security policy

Process

Procedure 1 

Configure LAN switch access port

A LAN switch near the IPS sensor provides connectivity for the sensor’s 
management interface. On the Cisco ASA 5500-X Series firewalls, the 
firewall and IPS modules share a single management interface. This deploy-
ment uses the management interface for IPS module access only. 

Step 1:  

Configure an access port to the management VLAN on the appro-

priate switch where the IPS device’s management port will be connected.

interface 

 description IPS-5545a

 switchport

 switchport access vlan 300

 switchport mode access

 spanning-tree portfast