Table of Contents
In the SNMPv3 Users pane you can add, edit, and delete SNMPv3 users. The SNMPv3 Users pane displays the username, access control, security level, authentication protocol, and privacy protocol for all SNMPv3 users configured on the system. You can configure a maximum of 25 SNMPv3 users on the system. You can also associate SNMPv3 users with SNMP trap destinations. If no SNMPv3 user is associated with a trap, then an SNMPv2 trap is sent.
The SDEE Subscriptions pane displays the details of the SDEE client subscriptions on the sensor. You can view the SDEE subscription ID, the status (expired or valid) of the subscription, the IP address of each SDEE client for each listed subscription, and see the last time the subscription was read.
- SNMPv3 statistics have been added to Configuration > Monitoring > Statistics.
- In IPS versions before 7.2(2)E4, a valid password is 8 to 32 characters long. For IPS 7.2(2)E4 and later, a valid password is 6 to 127 characters long.
- In IPS versions before 7.2(2)E4, while executing an immediate upgrade, you cannot use the IDM, IME, or CLI, or start any new sessions until the upgrade is complete. For IPS 7.2(2)E4 and later, you can use the IDM, IME, and CLI immediately after an automatic update because the automatic update is now executed as background process
You can find major and minor updates, service packs, signature and signature engine updates, system and recovery files, firmware upgrades, and Readmes on the Download Software site on Cisco.com. Signature updates are posted to Cisco.com approximately every week, more often if needed. Service packs are posted to Cisco.com in a release train format, a new release every three months. Major and minor updates are also posted periodically. Check Cisco.com regularly for the latest IPS software.
Note You must be logged in to Cisco.com to download software. You must have an active IPS maintenance contract and a Cisco.com password to download software. You must have a sensor license to apply signature updates.
Step 1 Log in to Cisco.com .
Step 7 Click the type of software file you need. The available files appear in a list in the right side of the window. You can sort by file name, file size, memory, and release date. And you can access the Release Notes and other product documentation.
Step 10 Click Agree to accept the software download rules. The File Download dialog box appears. The first time you download a file from Cisco.com, you must fill in the Encryption Software Export Distribution Authorization form before you can download the software.
If you previously filled out the Encryption Software Export Distribution Authorization form, and read and accepted the Cisco Systems Inc. Encryption Software Usage Handling and Distribution Policy, these forms are not displayed again.
The IDM is a web-based, Java Web Start application that enables you to configure and manage your sensor. The web server for the IDM resides on the sensor. You can access it through Internet Explorer or Firefox web browsers.
Step 1 Open a web browser and enter the sensor IP address. A Security Alert dialog box appears.
Note The default IP address is 192.168.1.2/24,192.168.1.1, which you change to reflect your network environment when you initialize the sensor. When you change the web server port, you must specify the port in the URL address of your browser when you connect to the IDM in the format https://sensor_ip_address:port (for example, https://192.0.2.1:1040).
Step 4 To verify the security certificate, check the Always trust content from this publisher check box, and click Yes . The JAVA Web Start progress dialog box appears, and then the IDM on ip_address dialog box appears.
Step 6 To authenticate the IDM, enter your username and password, and click OK . Both the default username and password are cisco . You were prompted to change the password during sensor initialization. The IDM begins to load. If you change panes from Home to Configuration or Monitoring before the IDM has completed initialization, a Status dialog box appears with the following message:
Note If you created a shortcut, you can launch the IDM by double-clicking the IDM shortcut icon. You can also close the The Cisco IPS Device Manager Version window. After you launch the IDM, it is not necessary for this window to remain open.
- After you upgrade the IPS software on your sensor, you must restart the IDM so that the latest features for the new software version are present in the IDM.
- The IDM opens MySDN from the last browser window you opened, which is the default setting for Windows. To change this default behavior, in Internet Explorer, choose Tools > Internet Options , and then click the Advanced tab. Scroll down and uncheck the Reuse windows for launching shortcuts check box.
- For IPS 5.0 and later, you can no longer remove the cisco account. You can disable it using the no password cisco command, but you cannot remove it. To use the no password cisco command, there must be another administrator account on the sensor. Removing the cisco account through the service account is not supported. If you remove the cisco account through the service account, the sensor most likely will not boot up, so to recover the sensor you must reinstall the sensor system image.
- The IDM does not support any non-English characters, such as the German umlaut or any other special language characters. If you enter such characters as a part of an object name through IDM, they are turned into something unrecognizable and you will not be able to delete or edit the resulting object through IDM or the CLI. This is true for any string that is used by the CLI as an identifier, for example, names of time periods, inspect maps, server and URL lists, and interfaces.
For more information about MySDN, refer to MySDN .
The Cisco Security Intelligence Operations site on Cisco.com provides intelligence reports about current vulnerabilities and security threats. It also has reports on other security topics that help you protect your network and deploy your security systems to reduce organizational risk.
You should be aware of the most recent security threats so that you can most effectively secure and manage your network. Cisco Security Intelligence Operations contains the top ten intelligence reports listed by date, severity, urgency, and whether there is a new signature available to deal with the threat.
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html .
Subscribe to What’s New in Cisco Product Documentation , which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
This document is to be used in conjunction with the documents listed in the “Related Documentation” section.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks . Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)