Cisco Cisco Catalyst 6500 Cisco 7600 Router Anomaly Guard Module
2
Release Note for the Cisco Anomaly Guard Module
OL-16151-03
New Features in Software Version 6.1(2)
•
•
•
New Features in Software Version 6.1(2)
The following new features are available in software version 6.1(2):
•
New policies for persistent low rate attacker
•
Traffic IP summarization
•
SIP protection in a NAT/PAT environment
•
Report on AS proxy address utilization
•
Disable VLANs if physical interface is down
•
Add zone name to capture file name
•
Configurable log capacity
•
Implicit Write Memory for router mode
•
Restrict user access to management interface only (for the non-XG Guard software version)
•
Interfaces display order
•
Monitoring system resources from the Web-Based Manager (WBM)
•
Enhanced AAA support in WBM
Upgrading to Software Version 6.1(x) from a Software Version
Prior to 5.1(4)
Prior to 5.1(4)
During the upgrade process, the Guard module changes two parameters that may affect your
configuration. The following information describes the two parameters:
configuration. The following information describes the two parameters:
•
In software versions prior to 6.0(5), the Guard module supported loopback interfaces. In software
version 6.0(5) or later, the Guard module no longer supports loopback interfaces and deletes all
loopback interface configurations during the upgrade process.
version 6.0(5) or later, the Guard module no longer supports loopback interfaces and deletes all
loopback interface configurations during the upgrade process.
•
In software version 4.x, the Guard module allowed you to configure illegal subnet masks. In
software version 5.1(4), the Guard module checks to ensure that subnet masks are legal. When you
upgrade from a software version prior to 5.1(4) to 6.1(x), the Guard module corrupts all zone
configurations that contain an illegal subnet mask. To prevent the module from corrupting a zone
configuration that contains an illegal subnet mask, configure the zone configuration with a legal
subnet mask by performing the following steps before upgrading the software:
software version 5.1(4), the Guard module checks to ensure that subnet masks are legal. When you
upgrade from a software version prior to 5.1(4) to 6.1(x), the Guard module corrupts all zone
configurations that contain an illegal subnet mask. To prevent the module from corrupting a zone
configuration that contains an illegal subnet mask, configure the zone configuration with a legal
subnet mask by performing the following steps before upgrading the software:
1.
Use the no ip address command to delete the subnet mask.
2.
Use the ip address command to configure the subnet mask with a legal subnet.
For details on configuring zone IP addresses, see the “Configuring the Zone IP address Range”
section in the Cisco Anomaly Guard Module Configuration Guide. Software upgrade instructions
are located in the “Upgrading the Guard Module Software” section in the Cisco Anomaly Guard
Module Configuration Guide.
section in the Cisco Anomaly Guard Module Configuration Guide. Software upgrade instructions
are located in the “Upgrading the Guard Module Software” section in the Cisco Anomaly Guard
Module Configuration Guide.