Numerics -
A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
L -
M -
N -
O -
P -
R -
S -
T -
U -
V -
X -
Index
Numerics
2SX card
described 5-3, 6-4
illustration 5-3, 6-4
4GE bypass interface card
configuration restrictions 5-5, 6-5
described 5-2, 5-3, 5-4, 6-3, 6-4
illustration 5-3, 6-3
802.1q encapsulation and VLAN groups 1-14
A
accelerator cards. See XL cards.
access control list. See ACL.
accessing
Diagnostic Panel (IPS 4270-20) 6-40
IPS software 13-2
access list misconfiguration A-29
accessories
four-post racks
installing appliances in racks 3-21
installing cable-management arms 3-22
installing slide assemblies 3-19
rack-kit contents 3-19
routing cables 3-26
tools 3-19
two-post racks
center-mount installations 3-29
flush-mount installations 3-30
marking racks 3-29
rack kit contents 3-28
tools 3-28
actions
ACL changes 1-3
IP logs 1-3
multiple packet drop 1-3
TCP reset 1-3
adaptive security appliance described 1-22
AIM-IPS
branch router (illustration) 1-21
described 1-20
illustration 1-22
initializing 11-19
installation prerequisites 7-2
installing 7-5
installing system image 14-45
logging in 12-9
reimaging 14-45
removing 7-5
restrictions 7-3
session command 12-9
sessioning 12-9
setup command 11-19
software requirements 7-2
specifications 7-1
time sources 1-28, A-17
verifying installation 7-6, A-75
AIP SSM
Deny Connection Inline A-74
Deny Packet Inline A-74
Normalizer engine A-73
Reset TCP Connection A-74
TCP reset packets A-74
AIP-SSM
described 1-22
indicators described 8-3
initializing 11-25
installing 8-4
installing system image 14-48
logging in 12-10
memory specifications 8-2
models 1-22
recovering A-71
reimaging 14-48
removing 8-6
requirements 8-2
resetting A-70
session command 12-10
setup command 11-25
show module 1 command 8-5
specifications 8-1
time sources 1-28, A-18
verifying status 8-5
alternate TCP reset interface configuration restrictions 1-11
Analysis Engine
error messages A-26
IDM exits A-61
verify it is running A-22
anomaly detection disabling A-21
appliances
ACLs 1-3
application partition image 14-12
described 1-17
four-post racks
installing appliances in racks 3-21
installing cable-management arms 3-22
routing cables 3-26
GRUB menu A-9
hardware
dual serial communication cables 3-7
spare hard-disk drives 3-5
terminal settings 3-7
IDS-4215
rack mounting 2-7
surface mounting 2-6
IDS-4235/4250
front panel 3-2
indicators 3-3
initializing 11-4
installing
XL cards (IDS-4235/4250) 3-14
XL cards (IDS-4250) 3-14
logging in 12-2
managers 1-17
models 1-17
password recovery A-9
recovering software image 14-27
restrictions 1-18
SPAN 1-17
TCP reset 1-3
terminal servers
described 1-18, 12-3, 14-14
setting up 1-18, 12-3, 14-14
time sources 1-27, A-17
two-post racks
marking racks 3-29
rack kit contents 3-28
tools 3-28
upgrading recovery partition 14-6
XL card fiber ports 3-16
application partition image recovering 14-12
applying software updates A-56
ARC
blocking not occurring for signature A-45
device access issues A-42
enabling SSH A-44
inactive state A-40
misconfigured MBS A-46
troubleshooting A-39
verifying device interfaces A-43
verifying status A-39
ASA 5500 AIP SSM
password recovery A-12
resetting the password A-12
ASDM resetting passwords A-14
asymmetric traffic disabling anomaly detection A-21
attack responses TCP reset 1-3
automatic updates troubleshooting A-56
automatic upgrades
information required 14-7
autonegotiation hardware bypass 5-5, 6-5
auto-upgrade-option command 14-7
B
backing up
configuration A-2
current configuration A-4, A-5
back panel features
IDS-4235/4250 3-4
IPS-4260 5-7
IPS 4270-20 6-10
BIOS upgrading IDS-4235/4250 3-6
blocking not occurring for signature A-45
bootloader
describing 14-30
upgrading 14-31
Bug Toolkit
described A-1
URL A-1
C
cable management arm
converting 6-31
described 6-30
installing 6-27
cable pinouts
console port 1-35
RJ-45 1-35
RJ-45 to DB-25 1-37
RJ-45 to DB-9 1-37
cannot access sensor A-27
Catalyst software
IDSM-2
enabling full memory tests 9-12
resetting 9-13
changing the memory
Java Plug-in on Linux A-59
Java Plug-in on Solaris A-59
Java Plug-in on Windows A-59
cidDump obtaining information A-96
cisco
default password 12-2
default username 12-2
Cisco.com
accessing software 13-2
downloading software 13-1
software downloads 13-1
Cisco IOS software
IDSM-2
enabling full memory tests 9-13
resetting 9-14
Cisco Security Intelligence Operations
described 13-14
URL 13-14
Cisco Services for IPS
service contract 13-10
supported products 13-10
clear events command 1-29, A-19, A-96
clearing
events A-96
statistics A-82
clear password command A-11, A-14
command and control interfaces
described 1-4
Ethernet 1-2
list 1-4
commands
auto-upgrade-option 14-7
clear events 1-29, A-19, A-96
clear password A-11, A-14
copy backup-config A-3
copy current-config A-3
copy license-key 13-12
debug module-boot A-71
display-serial 1-19, 12-5
downgrade 14-11
hw-module module 1 reset A-70
hw-module module slot_number password-reset A-12
session 12-9
setup 11-1, 11-4, 11-12, 11-19, 11-25, 11-32
show events A-93
show inventory 7-6, A-75
show module 1 8-5
show module 1 details A-70
show settings A-16
show statistics A-82
show statistics virtual-sensor A-26, A-82
show tech-support A-76
show version A-79
upgrade 14-3, 14-6
configuration files
backing up A-2
merging A-2
configuration restrictions
alternate TCP reset interface 1-11
inline interface pairs 1-10
inline VLAN pairs 1-11
interfaces 1-10
physical interfaces 1-10
VLAN groups 1-11
configuring
automatic upgrades 14-9
maintenance partition
IDSM-2 (Catalyst software) 14-36
IDSM-2 (Cisco IOS software) 14-40
upgrades 14-4
console port pinouts 1-35
converting cable management arm 6-31
copy backup-config command A-3
copy current-config command A-3
copy license-key command 13-12
correcting time on the sensor 1-29, A-19
creating service account A-6
cryptographic account
Encryption Software Export Distribution Authorization from 13-2
obtaining 13-2
current configuration backing up A-2
D
DC power supply (IPS-4240) 4-10
debug logging enabling A-47
debug-module-boot command A-71
default password cisco 12-2
default username cisco 12-2
device access issues A-42
Diagnostic Panel
accessing 6-40
component list 6-12
illustration 6-12
indicators 6-12
directing output to serial port 1-20, 12-5
disabling
anomaly detection A-21
password recovery A-15
disaster recovery A-6
displaying
events A-94
password recovery setting A-16
statistics A-82
tech support information A-77
version A-79
display-serial command
described 1-19, 12-5
supported platforms 1-20, 12-5
downgrade command 14-11
downgrading sensors 14-11
downloading software 13-1
duplicate IP addresses A-30
E
electrical safety guidelines 1-31
enabling
debug logging A-47
full memory tests
Catalyst software 9-12
Cisco IOS software 9-13
Encryption Software Export Distribution Authorization form
cryptographic account 13-2
described 13-2
ESD environment working in 1-33
Ethernet port indicators
IPS-4260 5-7
IPS 4270-20 6-11
events displaying A-94
Event Store clearing events 1-29, A-19
event types A-93
examples
ASA failover configuration A-72
expansion card interfaces naming conventions 5-2, 6-3
expansion card slots
IPS-4260 5-19
IPS 4270-20 6-41
external product interfaces
issues A-23
troubleshooting A-24
F
fail-over testing 5-4, 6-5
fan indicators on IPS 4270-20 6-48
fans in IPS 4270-20 6-48
files
Cisco IPS 13-1
IDSM-2 password recovery A-10
upgrade 14-3
finding serial numbers 7-6, A-75
front panel indicators
IDS-4235/4250 3-3
IPS-4260 5-6
IPS 4270-20 6-7
front panel switches on IPS-4260 5-6
FTP servers supported 14-2
G
grounding lugs on IPS-4260 5-15
GRUB menu and password recovery A-9
guidelines
electrical safety 1-31
power supplies 1-32
rack configuration 1-31
H
hardware
four-post racks 3-18
power supply (IDS-4235/4250) 3-11
SCSI hard-disk drives 3-16
spare hard-disk drives 3-5
two-post racks 3-28
hardware bypass
autonegotiation 5-5, 6-5
configuration restrictions 5-5, 6-5
fail-over 5-4, 6-5
IPS-4260 5-4, 6-4
IPS 4270-20 5-4, 6-4
link status changes and drops 5-6, 6-6, A-25
proper configuration 5-5, 6-6, A-25
supported configurations 5-4, 6-4
with software bypass 5-4, 6-4
HTTP/HTTPS supported servers 14-2
hw-module module 1 reset command A-70
hw-module module slot_number password-reset command A-12
I
IDM
Analysis Engine is busy A-61
Java Plug-in A-59
memory A-59
will not load A-60
IDS-4215
4FE card
installing 2-24
removing 2-22
accessories 2-5
back panel
illustration 2-3
indicators 2-3
BIOS upgrade 2-10, 14-18
chassis cover
removing 2-13
replacing 2-14
compact flash device
removing 2-19
replacing 2-21
features 2-2
front panel
illustration 2-2
indicators 2-2
hard-disk drive
removing 2-16
replacing 2-18
installing 2-8
installing system image 14-16
rack mounting 2-7
ROMMON upgrade 2-10, 14-18
specifications 2-4
surface mounting 2-6
upgrading
BIOS 2-10, 14-18
ROMMON 2-10, 14-18
IDS-4235
back panel (illustration) 3-4
described 3-1
front panel (illustration) 3-2
upgrading BIOS 3-6
IDS-4235/4250
accessories 3-10
accessories kit 3-10
back panel features 3-4
bezel
described 3-11
installing 3-11
removing 3-11
front panel indicators 3-3
installation 3-7
installing
power supplies 3-11
SCSI hard-disk drives 3-18
package contents 3-10
rack mounting (2-post) 3-28
rack mounting (4-post) 3-18
specifications 3-5
IDS-4250
back panel (illustration) 3-4
front panel
illustration 3-2
indicators 3-2
installing 3-7
SCSI hard-disk drives 3-18
SX card 3-14
two hard-disk drives 3-17
XL cards 3-14
removing SCSI hard-disk drives 3-17
upgrading the BIOS 3-6
IDS-4250-XL and TCP reset interface 3-7
IDS appliances
four-post racks
installing slide assemblies 3-19
rack kit contents 3-19
tools 3-19
two-post racks
center-mount installations 3-29
flush-mount installations 3-30
unsupported models 1-16
IDSM-2
command and control port A-67
configuring
maintenance partition (Catalyst software) 14-36
maintenance partition (Cisco IOS software) 14-40
described 1-24
enabling full memory tests
Catalyst software 9-12
Cisco IOS software 9-13
front panel 9-3
hot swapping 9-4, 9-8
initializing 11-12
installing
procedure 9-5
required tools 9-4
system image (Catalyst software) 14-34
system image (Cisco IOS software) 14-35
logging in 12-5
password recovery A-10
password recovery image file A-10
PFC 9-5
powering down (Catalyst OS) 9-15
powering down (Cisco IOS) 9-15
powering up (Catalyst OS) 9-15
powering up (Cisco IOS) 9-15
removing 9-10
requirements 9-2
resetting 9-13
Catalyst software 9-13
Cisco IOS software 9-14
setup command 11-12
shutdown
button 9-3
command 9-3
described 9-10
slot assignments 9-5
SPAN 1-24
specifications 9-1
status indicator 9-3
supported configurations 9-2, A-64
time sources 1-27, A-17
upgrading
maintenance partition (Catalyst software) 14-44
maintenance partition (Cisco IOS software) 14-45
VACLs 1-24
verifying installation 9-8
IDSM2
TCP reset port 9-3, A-69
IDS switch module unsupported models 1-16
initialization verifying 11-37
initializing
AIM-IPS 11-19
AIP-SSM 11-25
appliances 11-4
IDSM-2 11-12
NM-CIDS 11-32
sensors 11-1
inline interface pair mode
configuration restrictions 1-10
described 1-12
inline VLAN pair mode
configuration restrictions 1-11
described 1-13
supported sensors 1-13
installation preparation 1-30
installer major version 13-5
installer minor version 13-5
installing
AIM-IPS 7-2, 7-5
AIP-SSM 8-4
cable management arm 6-27
fans (IPS 4270-20) 6-48
IDS-4215 2-8
IDS-4235 3-7
IPS-4240 4-8
IPS-4255 4-8
IPS-4260 5-15
IPS 4270-20 6-34
license key 13-13
NM-CIDS 10-6
power supply (IDS-4235/4250) 3-11
SCSI hard-disk drives (IDS-4235/4250) 3-18
sensor license 13-11
SX cards (IDS-4250) 3-14
system image
AIM-IPS 14-45
AIP-SSM 14-48
IDS-4215 14-16
IDSM-2 (Catalyst software) 14-34
IDSM-2 (Cisco IOS software) 14-35
IPS-4240 14-20
IPS-4255 14-20
IPS-4260 14-23
IPS 4270-20 14-25
XL cards (IDS-4235/4250) 3-14
interface cards
IPS-4260
installing 5-19
removing 5-19
IPS 4270-20
installing 6-41
removing 6-41
interfaces
alternate TCP reset 1-3
command and control 1-3, 1-4
configuration restrictions 1-10
described 1-3
port numbers 1-3
sensing 1-3, 1-4
slot numbers 1-3
TCP reset 1-9
VLAN groups 1-3
interface support (table) 1-5
internal health information on the Diagnostic Panel 6-41
IPS-4240
accessories 4-5
back panel
figure 4-3
indicators 4-3
described 4-1
features 4-2
front panel
figure 4-2
indicators 4-2
installation 4-8
installing
DC power supply 4-10
system image 14-20
password recovery A-9
rack mounting 4-6
reimaging 14-20
specifications 4-4
IPS-4255
accessories 4-5
back panel (figure) 4-3
front panel
figure 4-2
indicators 4-2
installation 4-8
installing the system image 14-20
password recovery A-9
rack mounting 4-6
reimaging 14-20
specifications 4-4
IPS-4260
4GE bypass interface card 5-2
accessories kit 5-9
back panel features 5-7
chassis cover
removing 5-18
replacing 5-18
described 5-1
Ethernet port indicators 5-7
expansion card slots 5-19
features 5-6
front panel indicators 5-6
front panel switches 5-6
grounding lugs 5-15
hardware bypass 5-4, 6-4
installation 5-15
installing
interface cards 5-19
power supply 5-21
system image 14-23
interface naming conventions 5-2
network ports 5-2
performance 5-2
power supplies 5-2
power supply indicators 5-8
rack mounting (2-post) 5-12
rack mounting (4-post) 5-10
reimaging 14-23
removing
interface cards 5-19
power supply 5-21
sensing interfaces 5-2
specifications 5-8
supported PCI cards 5-2
IPS 4270-20
4GE bypass interface card 6-2
accessing Diagnostic Panel 6-40
accessories kit 6-14
back panel features 6-10
chassis cover
removing 6-38
replacing 6-38
converting the cable management arm 6-31
described 6-1
Diagnostic Panel 6-12
Diagnostic Panel (illustration) 6-12
Ethernet port indicators 6-11
Ethernet port indicators (illustration) 6-11
expansion card slots 6-41
extending from a rack 6-24
fan connector and indicator (illustration) 6-48
fan indicators 6-48
fans 6-48
features 6-6
front panel indicators 6-7
front view (illustration) 6-6
hardware bypass 5-4, 6-4
hot-pluggable power supplies 6-43
installation 6-34
installing
cable management arm 6-27
fans 6-48
in a rack 6-16
interface cards 6-41
power supplies 6-43
installing system image 14-25
interface naming conventions 6-3
internal components (figure) 6-9
maximum rack depth 6-15
network ports 6-2
performance 6-2
power supplies 6-2
power supply indicators 6-12
rack requirements 6-16
rail system kit
described 6-15
minimum rack depth 6-15
redundant power supplies 6-43
reimaging 14-25
removing power supplies 6-43
sensing interfaces 6-2
shallow rack installation 6-18
specifications 6-13
supported PCI cards 6-3
switches and indicators (illustration) 6-7
T-15 Torx screwdriver 6-44
IPS appliances
Deny Connection Inline A-74
Deny Packet Inline A-74
Reset TCP Connection A-74
TCP reset packets A-74
IPS modules and time synchronization 1-29, A-18
IPS software
available files 13-1
obtaining 13-1
platform-dependent release examples 13-6
versioning scheme 13-3
IPS software file names
major updates (illustration) 13-4
minor updates (illustration) 13-4
patch releases (illustration) 13-4
service packs (illustration) 13-4
J
Java Plug-in
Linux A-59
Solaris A-59
Windows A-59
L
license key
installing 13-13
status 13-9
trial 13-9
licensing
described 13-9
IPS device serial number 13-9
Licensing pane
configuring 13-11
described 13-9
limitations for concurrent CLI sessions 12-1
logging in
AIM-IPS 12-9
AIP-SSM 12-10
appliances 12-2
IDSM-2 12-5
NM-CIDS 12-6
sensors
SSH 12-11
Telnet 12-11
service role 12-2
terminal servers 1-18, 12-3, 14-14
user role 12-1
loose connections on sensors 6-50, A-25
M
maintenance partition
configuring
IDSM-2 (Catalyst software) 14-36
IDSM-2 (Cisco IOS software) 14-40
major updates described 13-3
manual block to bogus host A-44
MBS not set up properly A-46
memory and IDM A-59
merging configuration files A-2
MIBs supported A-21
minor updates described 13-3
modes
IDS 1-2
inline interface pair 1-12
inline VLAN pair 1-13
IPS 1-2
promiscuous 1-12
VLAN groups 1-13
modules
AIM-IPS 1-20
AIP-SSM 1-22
memory specifications 8-2
specifications 8-1
IDSM-2 1-24, 9-3, 9-4, 9-5, 9-10
NM-CIDS 1-25, 10-2, 10-4, 10-5, 10-6, 10-8, 10-10, 10-12
N
Network Timing Protocol. See NTP.
NM-CIDS
blank panels 10-12
bootloader
file 14-30
overview 14-30
described 1-25
front panel 10-4
hardware architecture 10-3
initializing 11-32
installation 10-6
installing
OIR support 10-8
required tools 10-6
interfaces 10-5
logging in 12-6
OIR support 10-5
password recovery A-11
reimaging 14-28, 14-29
removal 10-10
removing and OIR support 10-10
requirements
hardware 10-3
platforms 10-3
setup command 11-32
specifications 10-2
status indicators 10-5
system image file 14-28
time sources 1-26, 1-28, A-17
upgrading the bootloader 14-31
NTP
described 1-27, A-17
incorrect configuration A-19
time synchronization 1-27, A-17
O
obtaining
cryptographic account 13-2
IPS software 13-1
P
password recovery
appliances A-9
ASA 5500 AIP SSM A-12
described A-8
disabling A-15
GRUB menu A-9
IDSM-2 A-10
IPS-4240 A-9
IPS-4255 A-9
NM-CIDS A-11
platforms A-8
ROMMON A-9
troubleshooting A-16
verifying A-16
patch releases described 13-3
PCI cards supported (IPS 4270-20) 6-3
performance IPS 4270-20 6-2
PFC described 9-5
physical connectivity issues A-33
physical interfaces configuration restrictions 1-10
platforms and concurrent CLI sessions 12-1
Policy Feature Card. See PFC.
powering down
IDSM-2 9-15
powering down IDSM-2 9-15
powering up
IDSM-2 9-15
powering up IDSM-2 9-15
power supplies
hot-pluggable (IPS 4270-20) 6-43
IPS 4270-20
installing 6-43
removing 6-43
redundant (IPS 4270-20) 6-43
power supply
IPS-4260
installing 5-21
removing 5-21
power supply guidelines 1-32
power supply indicators
IPS-4260 5-8
IPS 4270-20 6-12
preparing for sensor installation 1-30
prerequisites for installing AIM-IPS 7-2
promiscuous mode
described 1-12
packet flow 1-12
R
rack configuration guidelines 1-31
rack extension for IPS 4270-20 6-24
rack installation for IPS 4270-20 6-16
rack mounting (2-post)
IDS-4235/4250 3-28
IPS-4260 5-12
rack mounting (4-post)
IDS-4235/4260 3-18
IPS-4260 5-10
rack requirements for IPS 4270-20 6-16
racks
airflow requirements 6-15
space requirements 6-15
rail system
maximum rack depth 6-15
minimum rack depth 6-15
rack hole-types (illustration) 6-15
round holes 6-15
square holes 6-15
threaded holes 6-15
rail system kit
cable management arm 6-27, 6-30
contents 6-15
IPS 4270-20 6-15
required tools 6-15
recover command 14-11
recovering
AIP-SSM A-71
application partition image 14-12
recovery/upgrade CD 14-27
recovery partition upgrading 14-6
reimaging
AIM-IPS 14-45
AIP-SSM 14-48
appliances 14-11
described 14-1
IPS-4240 14-20
IPS-4255 14-20
IPS-4260 14-23
IPS 4270-20 14-25
NM-CIDS 14-29
sensors 13-8, 14-1
removing
AIM-IPS 7-5
AIP-SSM 8-6
chassis cover (IPS-4260) 5-18
chassis cover (IPS 4270-20) 6-38
last applied upgrade 14-11
NM-CIDS 10-10
SCSI hard-disk drives (IDS-4235/4250) 3-17
replacing
chassis cover (IPS-4260) 5-18
chassis cover (IPS 4270-20) 6-38
requirements
AIP-SSM 8-2
racks
airflow 6-15
space 6-15
reset not occurring for a signature A-53
resetting
AIP-SSM A-70
IDSM-2 9-13
passwords
ASDM A-14
hw-module command A-12
resetting the password
ASA 5500 AIP SSM A-12
restoring the current configuration A-4, A-5
restrictions for AIM-IPS 7-3
RJ-45 cable pinouts 1-35
RJ-45 to DB2-5 cable pinouts 1-37
RJ-45 to DB-9 cable pinouts 1-37
ROMMON
described 14-14
IDS-4215 14-16
IPS-4240 14-20
IPS-4255 14-20
IPS-4260 14-23
IPS-4270 14-23
IPS 4270-20 14-25
password recovery A-9
remote sensors 14-14
serial console port 14-14
TFTP 2-10, 14-14
round-trip time. See RTT.
RTT
described 2-10, 14-14
TFTP limitation 2-10, 14-14
S
scheduling automatic upgrades 14-9
security
information on Cisco Security Intelligence Operations 13-14
sensing interfaces
described 1-4
modes 1-4
PCI cards 1-4
sensor not seeing packets A-36
sensor process not running A-31
sensors
access problems A-27
AIP-SSM 1-22
asymmetric traffic and disabling anomaly detection A-21
capturing traffic 1-2
comprehensive deployment 1-2
Comprehensive Deployment Solutions (figure) 1-2
corrupted SensorApp configuration A-38
disaster recovery A-6
downgrading 14-11
electrical guidelines 1-31
IDS mode 1-2
incorrect NTP configuration A-19
initializing 11-1
interface support 1-5
IP address conflicts A-30
IPS mode 1-2
license 13-11
logging in
SSH 12-11
Telnet 12-11
loose connections 6-50, A-25
misconfigured access lists A-29
models 1-15
network topology 1-15
no alerts A-34, A-62
not seeing packets A-36
NTP time synchronization 1-27, A-17
physical connectivity A-33
power supply guidelines 1-32
preparing for installation 1-30
preventive maintenance A-2
rack configuration guidelines 1-31
recovering the system image 13-8
reimaging 13-8, 14-1
sensing process not running A-31
setup command 11-1, 11-4
site guidelines 1-30
supported 1-15
system images 13-8
TCP reset 1-3
time sources 1-27, A-17
troubleshooting software upgrades A-57
unsupported 1-16
serial connection and supported platforms 1-20, 12-5
serial number and the show inventory command 7-6, A-75
service account
creating A-6
described A-5
service packs described 13-3
service role 12-2
session command 12-9
AIM-IPS 12-9
AIP-SSM 12-10
IDSM-2 12-5
NM-CIDS 12-6
sessioning
AIM-IPS 12-9
AIP-SSM 12-10
IDSM-2 12-6
NM-CIDS 12-7
setting up a terminal server 1-18, 12-3, 14-14
setup command 11-1, 11-4, 11-12, 11-19, 11-25, 11-32
shallow rack installation (IPS 4270-20) 6-18
show events command A-93
show interfaces command A-91
show inventory command 7-6, A-75
show module 1 command 8-5
show module 1 details command A-70
show settings command A-16
show statistics command A-81, A-82
show statistics virtual-sensor command A-26, A-82
show tech-support command A-76
show version command A-79
signature/virus update files described 13-4
signature engine update files described 13-5
signatures and no TCP reset A-53
site guidelines for sensors 1-30
slot assignments
IDSM-2 9-5
supervisor engines 9-5
SNMP and supported MIBs A-21
software bypass
supported configurations 5-4, 6-4
with hardware bypass 5-4, 6-4
software downloads Cisco.com 13-1
software file names
recovery (illustration) 13-5
signature/virus updates (illustration) 13-4
signature engine updates (illustration) 13-5
system image (illustration) 13-5
software release examples
platform-dependent 13-6
platform identifiers 13-7
platform-independent 13-6
software requirements for AIM-IPS 7-2
software updates
supported FTP servers 14-2
supported HTTP/HTTPS servers 14-2
SPAN
appliances 1-17
IDSM-2 1-24
SPAN port issues A-33
specifications
AIM-IPS 7-1
IDS-4235/4250 3-5
IPS-4260 5-8
IPS 4270-20 6-13
NM-CIDS 10-2
status of AIP-SSM 8-5
subinterface 0 described 1-13
supported
FTP servers 14-2
HTTP/HTTPS servers 14-2
supported configurations for IDSM-2 9-2, A-64
switch commands for troubleshooting A-64
Switched Port Analyzer. See SPAN.
System Configuration Dialog 11-1
described 11-1
example 11-2
system image and AIM-IPS 14-45
system images and sensors 13-8
T
T-15 Torx screwdriver (IPS 4270-20) 6-44
TAC
service account A-5
show tech-support command A-76
TCP reset 1-3
TCP reset interfaces
conditions 1-10
described 1-9
list 1-9
TCP resets
IDSM2 port 9-3, A-69
TCP resets not occurring A-53
terminal servers setting up 1-18, 12-3, 14-14
testing fail-over 5-4, 6-5
TFTP and RTT 2-10
TFTP servers
maximum file size limitation 14-14
recommended 2-10
UNIX 2-10
Windows 2-10
RTT 14-14
time correction on the sensor 1-29, A-19
time sources
AIM-IPS 1-28, A-17
AIP-SSM 1-28, A-18
appliances 1-27, A-17
IDSM-2 1-27, A-17
NM-CIDS 1-28, A-17
time synchronization and IPS modules 1-29, A-18
trial license key 13-9
troubleshooting A-1
AIP-SSM
commands A-70
debugging A-71
recovering A-71
reset A-70
Analysis Engine busy A-61
applying software updates A-56
ARC
blocking not occurring for signature A-45
described A-39
device access issues A-42
enabling SSH A-44
inactive state A-40
misconfigured MBS A-46
verifying device interfaces A-43
ASA 5500 AIP SSM
failover scenarios A-72
automatic updates A-56
cannot access sensor A-27
cidDump A-96
cidLog messages to syslog A-52
communication A-27
corrupted SensorApp configuration A-38
debug logger zone names (table) A-51
debug logging A-47
Diagnostic Panel (IPS 4270-20) 6-40
disaster recovery A-6
duplicate sensor IP addresses A-30
enabling debug logging A-47
external product interfaces A-24
faulty DIMMs A-38
gathering information A-75
IDM cannot access sensor A-61
IDM will not load A-60
IDSM-2
command and control port A-67
diagnosing problems A-63
not online A-66, A-67
serial cable A-69
status indicator A-65
switch commands A-64
IPS modules and time drift 1-29, A-18
manual block to bogus host A-44
misconfigured access list A-29
no alerts A-34, A-62
NTP A-53
password recovery A-16
physical connectivity issues A-33
preventive maintenance A-2
reset not occurring for a signature A-53
sensing process not running A-31
sensor events A-93
sensor loose connections 6-50, A-25
sensor not seeing packets A-36
sensor software upgrade A-57
service account A-5
show events command A-92
show interfaces command A-91
show statistics command A-81
show tech-support command A-76, A-77
show version command A-79
software upgrade
IDS-4235 A-55
IDS-4250 A-55
software upgrades A-54
SPAN port issue A-33
TCP reset interfaces 3-7
upgrading from 5.x to 6.0 A-54
verifying Analysis Engine is running A-22
verifying ARC status A-39
U
unassigned VLAN groups described 1-13
understanding time on the sensor 1-27, A-17
unsupported sensors 1-16
upgrade command 14-3, 14-6
upgrade files 14-3
upgrading
5.x to 6.0 13-7
files 14-3
from 5.x to 6.0 A-54
maintenance partition
IDSM-2 (Catalyst software) 14-44
IDSM-2 (Cisco IOS software) 14-45
minimum required version 13-7
recovery partition 14-6, 14-11
URLs for Cisco Security Intelligence Operations 13-14
using
debug logging A-47
TCP reset interface 1-10
V
VACLs and IDSM-2 1-24
verifying
IDSM-2 installation 9-8
installation
AIM-IPS 7-6, A-75
NME-IPS 7-6, A-75
installation (AIM-IPS) 7-6
password recovery A-16
sensor initialization 11-37
sensor setup 11-37
VLAN access control list. See VACL.
VLAN groups
802.1q encapsulation 1-14
configuration restrictions 1-11
deploying 1-14
described 1-13
switches 1-14
X
XL cards and fiber ports 3-16