Preface
This guide describes the Cisco Anomaly Guard Module (Guard module), how it functions, and how to perform administration tasks.
This preface describes the audience, organization, and conventions of this publication, and provides information on how to obtain related documentation.
This preface contains the following sections:
• Audience
• How to Use This Guide
• Symbols and Conventions
• Obtaining Documentation and Submitting a Service Request
Audience
The Cisco Anomaly Guard Module Configuration Guide is intended primarily for the following audiences:
• Network administrators
• Engineers
• Operators
• Network security professionals
This guide assumes a thorough knowledge of networking and networking security.
How to Use This Guide
This guide is organized as follows:
| Chapter | Description |
|---|---|
| Chapter 1, "Product Overview" | Describes the Cisco Anomaly Guard Module (Guard module) and outlines the Guard module operation states and components. |
| Chapter 2, "Configuring the Guard Module on the Supervisor Engine" | Describes how to configure the Guard module on a Catalyst 6500 series switch and a Cisco 7600 series router. |
| Chapter 3, "Initializing the Guard" | Describes the initial procedures required to connect and configure the Guard module. The chapter outlines the Guard module CLI environment and authentication methods. |
| Chapter 4, "Configuring the Guard Module" | Describes how to configure Guard module services and access control. |
| Chapter 5, "Configuring Traffic Diversion" | Describes the zone traffic diversion process and how to configure diversion. |
| Chapter 6, "Configuring Zones" | Describes how to create and manage zones. |
| Chapter 7, "Configuring Zone Filters" | Describes the zone filters and how to configure them. |
| Chapter 8, "Configuring Policy Templates and Policies" | Describes the zone policies and policy templates and how to configure them. |
| Chapter 9, "Learning the Zone Traffic Characteristics" | Describes the learning process and how to use the learning process to construct and fine-tune the policies that the Guard module uses for zone protection. |
| Chapter 10, "Protecting Zones" | Describes how to configure and activate zone protection. |
| Chapter 11, "Using Interactive Protect Mode" | Describes the Interactive protect mode and the recommendations, the user decision options, and the policy interactive status. |
| Chapter 12, "Using Attack Reports" | Describes the attack reports, the report structure, and viewing options. |
| Chapter 13, "Using Guard Module Diagnostics Tools" | Describes the Guard module diagnostic tools. |
| Chapter 14, "Performing Maintenance Tasks" | Describes how to perform tasks that are required for Guard module maintenance. |
| Chapter 15, "Analyzing Guard Module Mitigation" | Describes how to analyze the zone traffic patterns and identify configuration problems. The chapter provides a short explanation on how to identify the type of attack and recommended actions that you can take according to the analysis. |
Symbols and Conventions
This guide uses the following conventions:
| Style or Symbol | Description |
|---|---|
| boldface font | Boldface text indicates commands and keywords that you must enter exactly as shown. |
| Italics font | Italic font indicates arguments for which you supply the values. |
| Screen font | Screen font indicates the screen display, such as a prompt, and information that the Guard displays on the screen. Do not enter screen font as part of the command. |
| [x] | Square brackets indicate an optional element (keyword or argument). |
| [x \| y] | Square brackets enclosing keywords or arguments separated by a vertical line indicate an optional choice. |
| {x \| y} | Braces enclosing keywords or arguments separated by a vertical line indicate a required choice. |
| [x {y \| z}] | Braces and vertical bars within square brackets indicate a required choice within an optional element. You do not need to select one. If you do, you have some required choices. |
This guide uses the zone name scannet and the prompt user@GUARD-conf-zone-scannet# in examples.
This guide uses the following symbols and conventions to identify different types of information:
Caution
Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.
Note
Means reader take note. Notes contain helpful suggestions or references to material not covered in the manual.
Tip
Means the following information will help you solve a problem. The tip information might not be troubleshooting or even an action, but could be useful information.
Timesaver
Means the described action saves time. You can save time by performing the action described in the paragraph.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.