-
Installing Cisco Intrusion Prevention System Appliances and Modules 7.0
-
Preface
-
Introducing the Sensor
-
Installing IPS-4240 and IPS-4255
-
Installing IPS-4260
-
Installing IPS 4270-20
-
Installing AIM-IPS
-
Installing AIP-SSM
-
Installing IDSM-2
-
Installing NME-IPS
-
Initializing the Sensor
-
Logging In to the Sensor
-
Obtaining Software
-
Upgrading, Downgrading, and Installing System Images
-
Troubleshooting
-
Glossary
-
Index
-
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - L - M - N - O - P - R - S - T - U - V -
Index
Numerics
2SX card
4GE bypass interface card
configuration restrictions 3-5, 4-6
802.1q encapsulation for VLAN groups 1-15
A
accessing
Diagnostic Panel (IPS 4270-20) 4-41
IPS software 11-2
access lists misconfiguration A-26
actions
ACL changes 1-2
IP logs 1-3
multiple packet drop 1-3
TCP reset 1-2
active update bulletins 11-9
adaptive security appliance
AIP-SSM 1-21
described 1-21
AIM-IPS
branch router (illustration) 1-20
described 1-19
illustration 1-21
initializing 10-13
installing
module 5-5
system image 12-23
interfaces described 5-4
logging in 9-5
removing module 5-5
restrictions 5-3
session command 9-5
setup command 10-13
software requirements 5-2
specifications 5-1
AIP-SSM
described 1-21
indicators
described 6-2
illustration 6-2
initializing 10-16
installing
module 6-3
system image 12-26
logging in 9-6
memory specifications 6-2
models 1-21
password recovery A-10
recovering A-67
reimaging 12-26
removing module 6-5
requirements 6-2
resetting A-66
session command 9-6
setup command 10-16
show module 1 command 6-4
specifications 6-1
verifying status 6-5
alternate TCP reset interface 1-11
Analysis Engine
error messages A-23
IDM exits A-56
verify it is running A-20
anomaly detection disabling A-18
appliances
ACLs 1-2
described 1-17
GRUB menu A-8
initializing 10-8
logging in 9-2
managers 1-17
models 1-17
password recovery A-8
restrictions 1-18
SPAN 1-18
TCP reset 1-2
terminal servers
upgrading recovery partition 12-5
application partition image recovery 12-12
applying software updates A-53
ARC
blocking not occurring for signature A-43
device access issues A-40
enabling SSH A-42
inactive state A-38
misconfigured master blocking sensor A-44
troubleshooting A-36
verifying device interfaces A-41
verifying status A-37
asymmetric traffic disabling anomaly detection A-18
attack responses for TCP resets 1-2
authenticated NTP 1-26, 1-27, A-14, A-15
automatic setup 10-1
automatic updates troubleshooting A-54
automatic upgrade
examples 12-10
information required 12-6
autonegotiation for hardware bypass 3-5, 4-6
auto-upgrade-option command 12-6
B
backing up
configuration A-2
current configuration A-4
back panel features
IPS-4240 2-3
IPS-4255 2-3
IPS-4260 3-7
IPS 4270-20 4-9
basic setup 10-4
blocking not occurring for signature A-43
C
cable management arm
converting 4-32
described 4-31
installing 4-28
cable pinouts
console port 1-34
RJ-45 1-34
RJ-45 to DB-25 1-35
RJ-45 to DB-9 1-35
cannot access sensor A-24
Catalyst software
IDSM-2
enabling full memory tests 7-12
powering down 7-15
powering up 7-15
resetting 7-14
cidDump obtaining information A-92
cisco
default password 9-2
default username 9-2
Cisco.com
accessing software 11-2
Active Update Bulletins 11-9
downloading software 11-1
IPS software 11-1
software downloads 11-1
Cisco IOS software
IDSM-2
enabling full memory tests 7-13
powering down 7-16
powering up 7-16
resetting 7-14
Cisco IPS software files 12-2
Cisco Security Center
described 11-10
URL 11-10
Cisco Services for IPS
service contract 11-12
supported products 11-12
clear events command 1-28, A-17, A-92
clearing
events A-92
statistics A-77
clear password command A-9, A-11
command and control interface
described 1-5
Ethernet 1-2
list 1-5
commands
auto-upgrade-option 12-6
copy backup-config A-3
copy current-config A-3
copy license-key 11-14
debug module-boot A-67
downgrade 12-11
hw-module module 1 reset A-66
hw-module module slot_number password-reset A-10
setup 10-1, 10-4, 10-8, 10-13, 10-16, 10-20, 10-25
show events A-89
show health A-69
show settings A-13
show statistics A-77
show statistics virtual-sensor A-23, A-77
show tech-support A-70
show version A-74
configuration files
backing up A-2
merging A-2
configuration restrictions
alternate TCP reset interface 1-11
inline interface pairs 1-11
inline VLAN pairs 1-11
interfaces 1-10
physical interfaces 1-10
VLAN groups 1-11
configuring
automatic upgrades 12-8
maintenance partition
IDSM-2 (Catalyst software) 12-31
IDSM-2 (Cisco IOS software) 12-35
upgrades 12-4
console port pinouts 1-34
converting cable management arm 4-32
copy backup-config command A-3
copy current-config command A-3
copy license-key command 11-14
correcting time on the sensor 1-28, A-17
creating the service account A-5
cryptographic account
Encryption Software Export Distribution Authorization from 11-2
obtaining 11-2
current configuration back up A-2
D
DC power supply for IPS-4240 2-10
debug logging enable A-46
debug-module-boot command A-67
defaults
password 9-2
username 9-2
device access issues A-40
Diagnostic Panel
accessing 4-41
component list 4-12
illustration 4-11
indicators 4-11
disabling
anomaly detection A-18
password recovery A-12
disaster recovery A-6
displaying
events A-90
health status A-70
password recovery setting A-13
statistics A-77
tech support information A-71
version A-74
downgrade command 12-11
downgrading sensors 12-11
downloading software 11-1
duplicate IP addresses A-27
E
electrical safety guidelines 1-30
enabling
debug logging A-46
full memory tests
Catalyst software 7-12
Cisco IOS software 7-13
Encryption Software Export Distribution Authorization form
cryptographic account 11-2
described 11-2
ESD environment working in 1-32
Ethernet port indicators
IPS-4260 3-7
IPS 4270-20 4-10
events
displaying A-90
types A-88
Event Store
no alerts A-32
time stamp 1-28
expansion card interfaces
naming conventions (IPS-4260) 3-4
naming conventions (IPS 4270-20) 4-4
expansion card slots
IPS 4270-20 4-41
external product interfaces
issues A-21
troubleshooting A-22
F
false positives
filtering 1-4
tuning IPS 1-3
fan indicators (IPS 4270-20) 4-49
fans (IPS 4270-20) 4-49
files
Cisco IPS 12-2
IDSM-2 password recovery A-11
finding the serial number 5-6, 8-6
front panel indicators
IPS-4240 2-2
IPS-4255 2-2
IPS-4260 3-6
IPS 4270-20 4-8
front panel switches
IPS-4260 3-6
IPS 4270-20 4-8
FTP servers supported 12-2
G
global correlation
license 10-5
troubleshooting A-19
grounding lugs (IPS-4260) 3-15
GRUB menu password recovery A-8
guidelines
electrical safety 1-30
power supplies 1-31
rack configuration 1-30
H
hardware bypass
configuration restrictions 3-5, 4-6
IPS-4260 3-4
supported configurations 3-4, 4-5
HTTP/HTTPS servers 12-2
hw-module module 1 reset command A-66
hw-module module slot_number password-reset command A-10
I
IDM
Analysis Engine is busy A-56
will not load A-56
IDS appliances unsupported models 1-16
IDSM-2
command and control port A-64
configuring
maintenance partition (Catalyst software) 12-31
maintenance partition (Cisco IOS software) 12-35
described 1-23
enabling full memory tests
Catalyst software 7-12
Cisco IOS software 7-13
front panel 7-3
initializing 10-20
installing
module 7-5
required tools 7-4
system image (Catalyst software) 12-28
system image (Cisco IOS software) 12-29
logging in 9-8
password recovery A-11
password recovery image file A-11
PFC 7-5
powering down
Catalyst software 7-15
Cisco IOS software 7-16
powering up
Catalyst software 7-15
Cisco IOS software 7-16
reimaging 12-28
removing 7-10
requirements 7-2
resetting
Catalyst software 7-14
Cisco IOS software 7-14
sessioning 9-8
setup command 10-20
shutdown
button 7-3
command 7-3
described 7-11
slot assignments 7-5
SPAN 1-23
specifications 7-1
status indicator 7-3
supported configurations 7-2, A-60
upgrading
maintenance partition (Catalyst software) 12-38
maintenance partition (Cisco IOS software) 12-39
VACLs 1-23
verifying installation 7-9
IDSM unsupported models 1-17
IME time synchronization problems A-58
initializing
AIM-IPS 10-13
AIP-SSM 10-16
appliances 10-8
IDSM-2 10-20
NME-IPS 10-25
user roles 10-1
verifying 10-28
inline interface pair mode
configuration restrictions 1-11
described 1-13
inline VLAN pair mode
configuration restrictions 1-11
described 1-14
supported sensors 1-14
installation preparation 1-29
installer
major version 11-6
minor version 11-6
installing
AIM-IPS 5-5
AIP-SSM 6-3
cable management arm 4-28
fans (IPS 4270-20) 4-49
IPS-4240 2-8
IPS-4255 2-8
IPS-4260 3-15
IPS 4270-20 4-35
license key 11-15
NME-IPS 8-5
sensor license 11-13
system image
AIM-IPS 12-23
AIP-SSM 12-26
IDSM-2 (Catalyst software) 12-28
IDSM-2 (Cisco IOS software) 12-29
IPS-4240 12-15
IPS-4255 12-15
IPS-4260 12-18
IPS 4270-20 12-20
NME-IPS 12-40
interface cards
IPS-4260
installing 3-19
removing 3-19
IPS 4270-20
installing 4-42
removing 4-42
interfaces
alternate TCP reset 1-5
command and control 1-5
configuration restrictions 1-10
described 1-4
port numbers 1-4
slot numbers 1-4
support (table) 1-6
TCP reset 1-9
VLAN groups 1-5
internal health information in the Diagnostic Panel 4-41
introducing
AIM-IPS 1-19
AIP-SSM 1-21
IDSM-2 1-23
IPS-4240 2-1
IPS-4255 2-1
IPS-4260 3-1
IPS 4270-20 4-2
IPS appliances 1-17
NME-IPS 1-24
IPS
restrictions 1-18
supported
appliances 1-16
modules 1-16
tuning 1-3
IPS-4240
accessories 2-5
back panel
illustration 2-3
indicators 2-3
described 2-1
features 2-2
front panel
illustration 2-2
indicators 2-2
installation 2-8
installing
DC power supply 2-10
system image 12-15
password recovery A-8
rack mounting 2-6
reimaging 12-15
specifications 2-4
IPS-4240-DC
described 2-10
installing 2-11
IPS-4255
accessories 2-5
back panel (illustration) 2-3
described 2-1
front panel
illustration 2-2
indicators 2-2
installation 2-8
installing system image 12-15
password recovery A-8
rack mounting 2-6
reimaging 12-15
specifications 2-4
IPS-4260
4GE bypass interface card 3-2
accessories kit 3-9
back panel features 3-7
chassis cover
removing 3-18
replacing 3-18
described 3-1
Ethernet port indicators 3-7
expansion card slots 3-19, 3-21
features 3-6
front panel
indicators 3-6
switches 3-6
grounding lugs 3-15
hardware bypass 3-4
installation 3-15
installing
interface cards 3-19
power supply 3-21
system image 12-18
interface naming conventions 3-4
network ports 3-2
performance 3-2
power supplies 3-2
power supply indicators 3-8
rack mounting
2-post 3-12
4-post 3-10
reimaging 12-18
removing
interface cards 3-19
power supply 3-21
sensing interfaces 3-2
specifications 3-8
supported interface cards 3-2, 3-3
IPS 4270-20
4GE bypass interface card 4-2
accessories kit 4-15
back panel features 4-9
chassis cover
removing 4-39
replacing 4-39
converting cable management arm 4-32
Diagnostic Panel
accessing 4-41
described 4-11
illustration 4-11
Ethernet port indicators
described 4-10
illustration 4-10
expansion card slots 4-41
extending from a rack 4-25
fan connector and indicator (illustration) 4-49
fan indicators 4-49
fans 4-49
features 4-7
front panel
indicators 4-8
switches 4-8
front view (illustration) 4-7
hot-pluggable power supplies 4-44
installation 4-35
installing
cable management arm 4-28
fans 4-49
in a rack 4-17
interface cards 4-42
power supplies 4-44
system image 12-20
interface naming conventions 4-4
maximum rack depth 4-16
network ports 4-2
performance 4-2
power supplies 4-3
power supply indicators 4-11
rack requirements 4-16
rail system kit
described 4-15
minimum rack depth 4-16
redundant power supplies 4-44
reimaging 12-20
removing
interface cards 4-42
power supplies 4-44
sensing interfaces 4-2
shallow rack installation 4-19
specifications 4-14
switches and indicators (illustration) 4-7
T-15 Torx screwdriver 4-45
IPS modules
described 1-19
time synchronization 1-27, A-16
IPS software
available files 11-1
obtaining 11-1
platform-dependent release examples 11-7
IPS software file names
major updates (illustration) 11-3
minor updates (illustration) 11-3
patch releases (illustration) 11-3
service packs (illustration) 11-3
IPv6
SPAN ports 1-13
switches 1-13
L
license key
installing 11-15
trial 11-11
licensing
described 11-11
IPS device serial number 11-11
Licensing pane
configuring 11-13
described 11-11
limitations for concurrent CLI sessions 2-1, 3-1, 4-1, 5-1, 6-1, 7-1, 8-1, 9-1
logging in
AIM-IPS 9-5
AIP-SSM 9-6
appliances 9-2
IDSM-2 9-8
NME-IPS 9-10
sensors
SSH 9-11
Telnet 9-11
service role 9-2
terminal servers 1-18, 9-3, 12-14
user role 9-1
loose connections on sensors 4-51, A-23
M
maintenance partition
configuring
IDSM-2 (Catalyst software) 12-31
IDSM-2 (Cisco IOS software) 12-35
major updates described 11-3
manual block to bogus host A-42
master blocking sensor
not set up properly A-44
verifying configuration A-44
merging configuration files A-2
MIBs supported A-18
minor updates described 11-3
modes
IDS 1-1
inline interface pair 1-13
inline VLAN pair 1-14
IPS 1-1
promiscuous 1-12
VLAN Groups 1-14
modules
AIM-IPS 1-19
AIP-SSM 1-21
IDSM-2 1-23, 7-3, 7-4, 7-5, 7-10
NME-IPS 1-24
N
Network Timing Protocol see NTP
NME-IPS
illustration 1-25
initializing 10-25
installing
module 8-5
system image 12-40
introducing 1-24
logging in 9-10
reimaging 12-40
removing 8-5
restrictions 8-3
session command 9-10
setup command 10-25
software requirements 8-2
specifications 8-1
verifying installation 5-6, 8-6
NTP
authenticated 1-26, 1-27, A-14, A-15
incorrect configuration 1-27, A-16
time synchronization 1-25, A-14
unauthenticated 1-26, 1-27, A-14, A-15
verifying configuration 1-28
O
obtaining
cryptographic account 11-2
IPS software 11-1
P
password recovery
AIM-IPS A-9
AIP-SSM A-10
appliances A-8
CLI A-12
described A-7
disabling A-12
GRUB menu A-8
IDSM-2 A-11
IPS-4240 A-8
IPS-4255 A-8
IPS-4260 A-8
IPS 4270-20 A-8
NME-IPS A-11
platforms A-7
ROMMON A-8
troubleshooting A-13
verifying A-13
patch releases described 11-4
performance (IPS 4270-20) 4-2
PFC described 7-5
physical connectivity issues A-30
physical interfaces configuration restrictions 1-10
platforms concurrent CLI sessions 2-1, 3-1, 4-1, 5-1, 6-1, 7-1, 8-1, 9-1
powering down
IDSM-2 (Catalyst software) 7-15
IDSM-2 (Cisco IOS software) 7-16
powering up
IDSM-2 (Catalyst software) 7-15
IDSM-2 (Cisco IOS software) 7-16
power supplies
IPS-4260
installing 3-21
removing 3-21
IPS 4270-20
hot-pluggable 4-44
installing 4-44
redundant 4-44
removing 4-44
power supply guidelines 1-31
power supply indicators
IPS-4260 3-8
IPS 4270-20 4-11
preparing for sensor installation 1-29
prerequisites
promiscuous mode
described 1-12
packet flow 1-12
SPAN ports 1-13
VACL capture 1-13
R
rack mounting
IPS-4260
2-post 3-12
4-post 3-10
IPS 4270-20
extension 4-25
installation 4-17
requirements 4-16
racks
airflow requirements 4-16
configuration guidelines 1-30
space requirements 4-16
rail system
maximum rack depth 4-16
minimum rack depth 4-16
rack hole-types (illustration) 4-15
round holes 4-15
square holes 4-15
threaded holes 4-15
rail system kit
cable management arm 4-28, 4-31
contents 4-16
IPS 4270-20 4-15
required tools 4-16
recover command 12-12
recovering
AIP-SSM A-67
application partition image 12-12
recovery partition upgrade 12-5
reimaging
AIP-SSM 12-26
appliances 12-12
described 12-1
IDSM-2 12-28
IPS-4240 12-15
IPS-4255 12-15
IPS-4260 12-18
IPS 4270-20 12-20
NME-IPS 12-40
removing
AIM-IPS 5-5
AIP-SSM 6-5
chassis cover
IPS-4260 3-18
IPS 4270-20 4-39
last applied
service pack 12-11
signature update 12-11
NME-IPS 8-5
replacing
chassis cover
IPS-4260 3-18
IPS 4270-20 4-39
requirements
AIP-SSM 6-2
racks
airflow 4-16
space 4-16
reset not occurring for a signature A-51
resetting
AIP-SSM A-66
IDSM-2 (Catalyst software) 7-14
IDSM-2 (Cisco IOS software) 7-14
restoring the current configuration A-4
restrictions
AIM-IPS 5-3
NME-IPS 8-3
RJ-45
cable pinouts 1-34
to DB2-5 cable pinouts 1-35
to DB-9 cable pinouts 1-35
ROMMON
described 12-14
IPS-4240 12-15
IPS-4255 12-15
IPS-4260 12-18
password recovery A-8
remote sensors 12-14
serial console port 12-14
TFTP 12-14
RTT
described 12-14
TFTP limitation 12-14
S
scheduling automatic upgrades 12-8
security information and Cisco Security Center 11-10
sensing interfaces
described 1-6
interface cards 1-6
modes 1-6
sensors
access problems A-24
application partition image 12-12
asymmetric traffic and disabling anomaly detection A-18
capturing traffic 1-1
comprehensive deployment 1-1
Comprehensive Deployment Solutions (illustration) 1-1
corrupted SensorApp configuration A-35
disaster recovery A-6
downgrading 12-11
electrical guidelines 1-30
IDS mode 1-1
incorrect NTP configuration 1-27, A-16
interface support 1-6
IP address conflicts A-27
IPS mode 1-1
IPS tuning tips 1-3
license 11-13
logging in
SSH 9-11
Telnet 9-11
misconfigured access lists A-26
models 1-16
network topology 1-3
not seeing packets A-33
NTP time synchronization 1-25, A-14
physical connectivity A-30
power supply guidelines 1-31
preparing for installation 1-29
preventive maintenance A-2
process not running A-29
rack configuration guidelines 1-30
recovering the system image 11-8
sensing process not running A-29
setup command 10-1, 10-4, 10-8
site guidelines 1-29
supported 1-16
system images 11-8
TCP reset 1-2
troubleshooting software upgrades A-55
unsupported 1-16
upgrading 12-4
serial number and the show inventory command 5-6, 8-6
service account
creating A-5
described A-4
service-module ids-sensor slot/port session command 9-4, 9-9
service packs described 11-4
service role 9-2
session command
AIM-IPS 9-5
AIP-SSM 9-6
IDSM-2 9-8
NME-IPS 9-10
sessioning
AIM-IPS 9-5
AIP-SSM 9-6
IDSM-2 9-8
NME-IPS 9-10
setting up terminal servers 1-18, 9-3, 12-14
setup
automatic 10-1
command 10-1, 10-4, 10-8, 10-13, 10-16, 10-20, 10-25
simplified mode 10-1
shallow rack installation (IPS 4270-20) 4-19
show events command A-88, A-89
show health command A-69
show interfaces command A-87
show inventory command 5-6, 8-6
show settings command A-13
show statistics command A-76, A-77
show statistics virtual-sensor command A-23, A-77
show tech-support command A-70
show version command A-73, A-74
signature/virus update files described 11-5
signature engine update files described 11-5
signatures and TCP reset A-51
site guidelines for sensor installation 1-29
slot assignments
IDSM-2 7-5
supervisor engines 7-5
SNMP and supported MIBs A-18
software bypass
supported configurations 3-4, 4-5
software downloads Cisco.com 11-1
software file names
recovery (illustration) 11-5
signature/virus updates (illustration) 11-4
signature engine updates (illustration) 11-5
system image (illustration) 11-5
software release examples
platform-dependent 11-7
platform identifiers 11-7
platform-independent 11-6
software requirements
AIM-IPS 5-2
NME-IPS 8-2
software updates
supported FTP servers 12-2
supported HTTP/HTTPS servers 12-2
SPAN
appliances 1-18
IDSM-2 1-23
port issues A-30
specifications
AIM-IPS 5-1
AIP-SSM 6-1
IDSM-2 7-1
IPS-4240 2-4
IPS-4255 2-4
IPS-4260 3-8
IPS 4270-20 4-14
NME-IPS 8-1
subinterface 0 described 1-14
supported
FTP servers 12-2
HTTP/HTTPS servers 12-2
IDSM-2 configurations 7-2, A-60
switch commands for troubleshooting A-61
Switched Port Analyzer see SPAN
System Configuration Dialog
described 10-2
example 10-2
system images sensors 11-8
T
T-15 Torx screwdriver (IPS 4270-20) 4-45
TAC
service account A-4
show tech-support command A-70
TCP reset interfaces
conditions 1-10
described 1-9
list 1-9
TCP resets
not occurring A-51
signature actions 1-2
terminal server setup 1-18, 9-3, 12-14
TFTP servers
recommended
UNIX 12-14
Windows 12-14
RTT 12-14
time
correction on the sensor 1-28, A-17
synchronization for IPS modules 1-27, A-16
time sources
trial license key 11-11
troubleshooting A-1
AIP-SSM
debugging A-67
recovering A-67
reset A-66
Analysis Engine busy A-56
applying software updates A-53
ARC
blocking not occurring for signature A-43
device access issues A-40
enabling SSH A-42
inactive state A-38
misconfigured master blocking sensor A-44
verifying device interfaces A-41
automatic updates A-54
cannot access sensor A-24
cidDump A-92
cidLog messages to syslog A-50
communication A-24
corrupted SensorApp configuration A-35
debug logger zone names (table) A-49
debug logging A-45
Diagnostic Panel (IPS 4270-20) 4-41
disaster recovery A-6
duplicate sensor IP addresses A-27
enabling debug logging A-46
external product interfaces A-22
gathering information A-69
global correlation A-19
IDM cannot access sensor A-57
IDM will not load A-56
IDSM-2
command and control port A-64
diagnosing problems A-59
serial cable A-66
status indicator A-61
switch commands A-61
IME time synchronization A-58
IPS modules time drift 1-27, A-16
manual block to bogus host A-42
misconfigured access list A-26
NTP A-51
password recovery A-13
physical connectivity issues A-30
preventive maintenance A-2
reset not occurring for a signature A-51
sensing process not running A-29
sensor events A-88
sensor loose connections 4-51, A-23
sensor not seeing packets A-33
sensor software upgrade A-55
service account A-4
show events command A-88
show interfaces command A-87
show statistics command A-76
show tech-support command A-70, A-72
show version command A-73
software upgrades A-53
SPAN port issue A-30
upgrading A-53
verifying Analysis Engine is running A-20
verifying ARC status A-37
tuning
IPS 1-3
tips 1-3
U
unassigned VLAN groups described 1-15
unauthenticated NTP 1-26, 1-27, A-14, A-15
unsupported sensors 1-16
upgrading
IPS software 11-7
latest version A-53
maintenance partition
IDSM-2 (Catalyst software) 12-38
IDSM-2 (Cisco IOS software) 12-39
minimum required version 11-7
recovery partition 12-5, 12-12
sensors 12-4
URLs for Cisco Security Center 11-10
using
debug logging A-45
TCP reset interfaces 1-10
V
VACLs IDSM-2 1-23
verifying
IDSM-2 installation 7-9
NTP configuration 1-28
password recovery A-13
sensor initialization 10-28
sensor setup 10-28
VLAN access control list see VACL
VLAN groups
802.1q encapsulation 1-15
configuration restrictions 1-11
deploying 1-15
described 1-14
switches 1-15