Table Of Contents
Preface
Audience
Organization
Conventions
Related Documentation
Obtaining Documentation and Submitting a Service Request
Preface
This document describes how to use Management Center for IPS Sensors (IPS MC) to manage configurations for Cisco Intrusion Prevention System Sensors.
Audience
This document is for network security administrators who configure and maintain more than one (and up to 300) Cisco Intrusion Prevention System Sensors. These administrators may have experience ranging from novice to expert, with the assumption that novices will improve their knowledge before they can use this product effectively.
Organization
This document contains the following chapters and appendixes:
•
Chapter 1, "Introduction"—Describes IPS MC, related products, and basic concepts.
•Chapter 2, "Advanced User Interface Design Features"—Describes how to start IPS MC from the Cisco Works desktop and describes the IPS MC user interface.
•Chapter 3, "Managing Sensors with IPS MC"—Outlines the task flow that you need to perform to manage your sensors with IPS MC. This chapter begins with a discussion of security policies.
•Chapter 4, "Working with Groups and Sensors"—Describes how to add a sensor group to an existing sensor group, how to use the progress viewer, how to view device statistics, and how to manage SSL certificates.
•Chapter 5, "Configuring Sensors and Signature Settings"—Describes how to configure and tune sensors and signatures.
•Chapter 6, "Generating, Approving, and Deploying Sensor Configurations"—Describes how to generate new configuration files; how to approve, view, and delete proposed configuration file changes; and how to deploy approved configuration files to sensors.
•Chapter 7, "Monitoring Sensor Health"—Describes how to employ the sensor health and welfare feature to determine whether a sensor is reachable and functioning properly.
•Chapter 8, "Using Update Files"—Describes how to employ update files for IPS sensor software versions and signature release levels. These files may be automatically or manually downloaded and applied, and may be minor update files, service pack update files, update patch files, and signature update files.
•Chapter 9, "Administering the System Configuration"—Describes how to perform a variety of basic administration tasks on the IPS MC server.
•Chapter 10, "Administering the Database"—Describes how to perform tasks involving database administration: database pruning, and operating with the Common Services platform.
•Chapter 11, "Reports"—Describes how to define, run, and otherwise work with reports.
•Appendix A, "Moving from the Unix Director or CSPM to IPS MC"—Presents information that is important to those who now use Cisco Secure Policy Manager (CSPM) or Unix Director to manage Cisco IDS Sensors but plan to begin using IPS MC and Monitoring Center for Security (Security Monitor).
•Appendix B, "Solving Common Problems in IPS MC"—Discusses common problems and potential solutions.
•Appendix C, "Employing Cisco Secure ACS with IPS MC"—This appendix outlines the steps you take to employ your Cisco Secure Access Control Server (ACS) with IPS MC.
Conventions
This document uses the following conventions:
Item
|
Convention
|
Commands, keywords, special terminology, and options that should be selected during procedures
|
boldface font
|
Variables for which you supply values and new or important terminology
|
italic font
|
Displayed session and system information, paths and file names
|
screen font
|
Information you enter
|
boldface screen font
|
Variables you enter
|
italic screen font
|
Menu items and button names
|
boldface font
|
Indicates menu items to select, in the order you select them.
|
Option > Network Preferences
|
Tip Identifies information to help you get the most benefit from your product.
Note Means reader take note. Notes identify important information that you should reflect upon before continuing, contain helpful suggestions, or provide references to materials not contained in the document.
Caution Means
reader be careful. In this situation, you might do something that could result in equipment damage, loss of data, or a potential breach in your network security.
Warning Identifies information that you must heed to prevent damaging yourself, the state of software, or equipment. Warnings identify definite security breaches that will result if the information presented is not followed carefully.
Related Documentation
Note Although every effort has been made to validate the accuracy of the information in the printed and electronic documentation, you should also review the documentation on Cisco.com for any updates.
The following additional documentation is available:
Paper Documentation
•Guide to User Documentation for Cisco Security Manager 3.0
Online Documentation
•Context-sensitive online help. You can access online help for the application in two ways:
–In the Cisco Security Manager desktop, click the Help button
–In the application GUI, click the Help link for context-sensitive help
•Installation Guide for Cisco Security Manager 3.0 at http://www.cisco.com/en/US/products/ps6498/prod_installation_guides_list.html
•Release Notes for Cisco Security Manager 3.0 at http://www.cisco.com/en/US/products/ps6498/prod_release_notes_list.html
•Supported Devices and Software Versions for Cisco Security Manager 3.0 at http://www.cisco.com/en/US/products/ps6498/products_device_support_tables_list.html
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.
