Cisco Traffic Anomaly Detector Module Configuration Guide (Software Version 5.0)
Preface
Download this chapter
PrefacePreface
Download the complete book
Cisco Traffic Anomaly Detector Module Configuration Guide (Software Version 5.0), Book-Length PDFCisco Traffic Anomaly Detector Module Configuration Guide (Software Version 5.0), Book-Length PDF (PDF - 3 MB)
give_us_feedback

Table Of Contents

Preface

Audience

Organization

Conventions

Obtaining Documentation and Submitting a Service Request


Preface

This preface describes the audience, organization, and conventions of this publication, and provides information on how to obtain related documentation.

This preface contains the following sections:

Audience

Organization

Conventions

Obtaining Documentation and Submitting a Service Request

Audience

The Cisco Traffic Anomaly Detector Module Configuration Guideis intended primarily for the following audiences:

Network administrators

Engineers

Operators

Network security professionals

This guide assumes a thorough knowledge of networking and networking security.

Organization

This guide is divided into the following chapters:

Chapter
Description

Chapter 1, "Product Overview"

Describes the Cisco Traffic Anomaly Detector Module (Detector module) and outlines the Detector module operation states and components.

Chapter 2, "Configuring the Detector Module on the Supervisor Engine"

Describes how to configure the Detector module on a Catalyst 6500 series switch and a Cisco 7600 series router.

Chapter 3, "Initializing the Detector Module"

Describes the initial procedures required to connect and configure the Detector module. The chapter outlines the Detector module CLI environment and authentication methods.

Chapter 4, "Configuring the Detector Module"

Describes how to configure Detector module services and access control.

Chapter 5, "Configuring Zones"

Describes how to create and manage zones.

Chapter 6, "Configuring Zone Filters"

Describes the zone filters and how to configure them.

Chapter 7, "Configuring Policy Templates and Policies"

Describes the zone policies and policy templates and how to configure them.

Chapter 8, "Using Interactive Detect Mode"

Describes the Interactive detect mode and the recommendations, the user decision options, and the policy interactive status.

Chapter 9, "Understanding Attack Reports"

Describes the attack reports, the report structure, and viewing options.

Chapter 10, "Using Detector Module Diagnostics Tools"

Describes the Detector module diagnostics tools.

Chapter 11, "Performing Maintenance Tasks"

Describes how to performs tasks that are required for Detector module maintenance and up keep.


Conventions

This guide uses the following conventions:

Style or Symbol
Description

boldface

Enter bold text exactly as shown. Commands and keywords are in boldface.

Italics

Indicates a variable for which you supply the value. 

Plain text

Plain text represents the screen display, such as a prompt. Do not enter plain text as part of the command.

[x]

Keywords in square brackets are optional.

[x | y]

Keywords in square brackets separated by vertical bars indicate an optional keyword with a choice between values.

{x | y | z}

A choice of required keywords appear in braces separated by vertical bars. You must select one.

[x {y | z}]

Braces and vertical bars within square brackets indicate a required choice within an optional element. You do not need to select one. If you do, you have some required choices.


This guide uses the zone name scannet and the prompt user@DETECTOR-conf-zone-scannet# in examples.

This guide uses the following symbols and conventions to identify different types of information.

Caution A caution means that a specific action you take could cause a loss of data or adversely impact use of the equipment.

Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the manual.

Tip Means the following information will help you solve a problem. The tips information might not be troubleshooting or even an action, but could be useful information.

Timesaver Means the described action saves time. You can save time by performing the action described in the paragraph.

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.