Cisco Intrusion Prevention System Manager Express Configuration Guide for IPS 7.0
Preface
Downloads: This chapterpdf (PDF - 124.0KB) The complete bookPDF (PDF - 9.54MB) | Feedback

Preface

Table Of Contents

Preface

Contents

Audience

Organization

Conventions

Related Documentation

Obtaining Documentation and Submitting a Service Request


Preface


Published: April 22, 2009, OL-18489-01
Revised: April 23, 2013

Contents

This document describes how to install, configure, and use Intrusion Prevention System Manager Express (IME) 7.0. It includes a glossary that contains expanded acronyms and pertinent IPS terms. It is part of the documentation set for Cisco Intrusion Prevention System 7.0. Use this guide with the documents listed in Related Documentation. This preface contains the following topics:

Audience

Organization

Conventions

Related Documentation

Obtaining Documentation and Submitting a Service Request

Audience

This guide is for administrators who need to do the following:

Install and configure IME

Secure their networks with IPS sensors

Prevent intrusion on their networks and monitor subsequent alerts

Organization

This guide includes the following sections:

Section
Title
Description

1

"Getting Started"

Describes how to get started using Cisco IPS and sensors.

2

"Configuring Device Lists"

Describes how to add and configures devices in IME.

3

"Configuring Dashboards"

Describes how to add and configure dashboards in IME.

4

"Configuring RSS Feeds"

Describes how to connect to Cisco RSS feeds in IME.

5

"Using the Startup Wizard"

Describes how to use the Startup wizard to set up your sensor using IME.

6

"Setting Up the Sensor"

Describes how to configure the basic settings of your sensor using IME.

7

"Configuring Interfaces"

Describes how to configure interfaces on your sensor using IME.

8

"Configuring Policies"

Describes how to configure polices on your sensor using IME.

9

"Defining Signatures"

Describes how to configure IPS signatures on your sensor using IME.

10

"Using the Signature Wizard"

Describes how to use the Signature Wizard to configure signatures using IME.

11

"Configuring Event Action Rules"

Describes how to configure event action rules policies on your sensor using IME.

12

"Configuring Anomaly Detection"

Describes how to configure anomaly detection policies on your sensor using IME.

13

"Configuring Global Correlation"

Describes how to configure Global Correlation on your sensor using IME.

14

"Configuring SSH and Certificates"

Describes how to configure SSH and TLS on your sensor using IME.

15

"Configuring Attack Response Controller for Blocking and Rate Limiting"

Describes how to set up blocking on your sensor using IME.

16

"Configuring SNMP"

Describes how to configure SNMP on your sensor using IME.

17

"Configuring External Product Interfaces"

Describes how to set up an external product interface to CSA MC using IME.

18

"Managing the Sensor"

Describes how to manage your sensor using IME.

19

"Monitoring the Sensor"

Describes how to configure monitoring on your sensor using IME.

20

"Configuring Event Monitoring"

Describes how to set up event monitoring on your sensor using IME.

21

"Configuring and Generating Reports"

Describes how to configure and generate reports using IME.

22

"Logging In to the Sensor"

Describes how to log in to the appliances and modules.

23

"Initializing the Sensor"

Describes how to use the setup command to initialize your sensor.

24

"Obtaining Software"

Describes how to locate and install the most recent Cisco IPS software on Cisco.com.

25

"Upgrading, Downgrading, and Installing System Images"

Describes how to upgrade, downgrade, and install new system images on your sensor.

A

"System Architecture"

Describes the underlying software architecture of IPS 6.2 and 7.0.

B

"Signature Engines"

Lists the IPS signature engines with their options.

C

"Troubleshooting"

Lists troubleshooting procedures and advice.

D

"Open Source License Files"

Lists the open source license files that Cisco IPS uses.

 

""

Lists the IPS terms and acronyms.


Conventions

This document uses the following conventions:

Convention
Indication

bold font

Commands and keywords and user-entered text appear in bold font.

italic font

Document titles, new or emphasized terms, and arguments for which you supply values are in italic font.

[ ]

Elements in square brackets are optional.

{x | y | z }

Required alternative keywords are grouped in braces and separated by vertical bars.

[ x | y | z ]

Optional alternative keywords are grouped in brackets and separated by vertical bars.

string

A nonquoted set of characters. Do not use quotation marks around the string or the string will include the quotation marks.

courier font

Terminal sessions and information the system displays appear in courier font.

< >

Nonprinting characters such as passwords are in angle brackets.

[ ]

Default responses to system prompts are in square brackets.

!, #

An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment line.



Note Means reader take note.



Tip Means the following information will help you solve a problem.



Caution Means reader be careful. In this situation, you might perform an action that could result in equipment damage or loss of data.


Timesaver Means the described action saves time. You can save time by performing the action described in the paragraph.



Warning Means reader be warned. In this situation, you might perform an action that could result in bodily injury.

Related Documentation

For more information on Cisco IPS 7.0, refer to the following documentation found at this URL:

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/tsd_products_support_series_home.html

Documentation Roadmap for Cisco Intrusion Prevention System 7.0

Release Notes for Cisco Intrusion Prevention System 7.0(1)E3

Release Notes for Cisco Intrusion Prevention System 7.0(2)E3

Release Notes for Cisco Intrusion Prevention System 7.0(2)E4

Release Notes for Cisco Intrusion Prevention System Manager Express 7.0(3)E4

Cisco Intrusion Prevention System Device Manager Configuration Guide for IPS 7.0

Cisco Intrusion Prevention System Command Reference 7.0

Cisco Intrusion Prevention System Sensor CLi Configuration Guide for IPS 7.0

Installing Cisco Intrusion Prevention System Appliances and Modules 7.0

Installing and Removing Interface Cards in Cisco IPS 4260 and IPS 4270-20

Regulatory Compliance and Safety Information for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.