Cisco Anomaly Guard Module Configuration Guide (Software Version 4.0)
Preface


This guide provides instructions for the Cisco Anomaly Guard Module (Guard module). It describes how to perform administration tasks and the general operations needed for Guard module operation, and explains how to use the Guard module.

This preface describes the audience, organization, and conventions of this publication, and provides information on how to obtain related documentation.

This preface contains the following major sections:

Audience

Organization

Conventions

Obtaining Documentation, Obtaining Support, and Security Guidelines

Audience

The Cisco Anomaly Guard Module Configuration Guide is aimed at:

Network administrators

Engineers

Operators

Network security professionals

This guide assumes a thorough knowledge of networking and networking security.

Organization

This guide is divided into the following chapters:

Chapter
Description

Chapter 1, "Introduction"

Provides an overview of the Cisco Anomaly Guard Module (Guard module) and generally outlines the Guard module operation mode and components.

Chapter 2, "Configuring the Guard Module on the Supervisor Engine Module"

Provides information on how to configure the Guard module on a Catalyst 6500 series switch.

Chapter 3, "Initializing the Guard Module"

Provides information on the initial procedures required to connect and configure the Guard module. The chapter outlines the Guard module CLI environment and authentication methods.

Chapter 4, "Configuring the Guard Module"

Provides information on Guard module interface configuration and details the SSH management and activation configuration procedures.

Chapter 5, "Configuring Zone Traffic Diversion"

Provides information on the zone traffic diversion process and describes how to configure diversion.

Chapter 6, "Configuring Zones"

Describes how to create and manage zones.

Chapter 7, "Configuring Zone Filters"

Provides information on the Guard module filters and describes how to perform advanced configuration tasks for zones on the Guard module.

Chapter 8, "Configuring Policy Templates and Policies"

Provides information on the Guard module policies and policy templates and describes how to configure them.

Chapter 9, "Interactive Protect Mode"

Provides information on the Interactive protect mode. The chapter details the Guard module recommendations, the user decision options, and the policy interactive status.

Chapter 10, "Attack Reports"

Provides information on the Guard module attack reports, the report structure, and viewing options.

Chapter 11, "Guard Module Diagnostics and Maintenance"

Provides information on the commands relating to the Guard diagnostics and maintenance operations.

Chapter 12, "Analyzing Guard Module Mitigation"

Provides information on how to analyze the zone traffic patterns and identify configuration problems. It provides a short explanation of how to identify the type of attack and the recommended actions you can take according to the analysis.


Conventions

This guide uses the following conventions:

Style or Symbol
Description

boldface

Enter bold text exactly as shown. Commands and keywords are in boldface.

Italics

Indicates a variable for which you supply the value.

Plain text

Plain text represents the screen display, such as a prompt. Do not enter plain text as part of the command.

[x]

Keywords in square brackets are optional.

[x | y]

Keywords in square brackets separated by vertical bars indicate an optional keyword with a choice between values.

{x | y | z}

A choice of required keywords appears in braces separated by vertical bars. You must select one.

[x {y | z}]

Braces and vertical bars within square brackets indicate a required choice within an optional element. You do not need to select one. If you do, you have some required choices.


This guide uses the zone name scannet and the prompt admin@GUARD-conf-zone-scannet# in examples.

This guide uses the following symbols and conventions to identify different types of information.


Caution: A caution means that a specific action you take could cause a loss of data or adversely impact use of the equipment.

Warning: A warning describes an action that could cause you physical harm or damage the equipment.

Note: Means reader take note. Notes contain helpful suggestions or references to material not covered in the manual.

Tip: Means the following information will help you solve a problem. The tips information might not be troubleshooting or even an action, but could be useful information.

Timesaver: Means the described action saves time. You can save time by performing the action described in the paragraph.


Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html