Numerics -
A -
B -
C -
D -
E -
F -
G -
H -
I -
L -
M -
N -
O -
P -
R -
S -
T -
U -
V -
Index
Numerics
10GE interface card
described 3-3, 4-4
illustration 3-4, 4-5
2SX interface card
described 3-3, 4-4
illustration 3-3, 4-4
4GE bypass interface card
configuration restrictions 3-5, 4-7
described 3-2, 3-4, 4-3, 4-6
illustration 3-3, 4-4
802.1q encapsulation
VLAN groups 1-16
A
access control list. See ACL.
accessing
Diagnostic Panel (IPS 4270-20) 4-42
IPS software 12-1
access lists misconfiguration A-30
actions
ACL changes 1-2
IP logs 1-3
multiple packet drop 1-3
TCP reset 1-2
adaptive security appliance described 1-22, 1-24
AIM-IPS
branch router (illustration) 1-21
described 1-20
illustration 1-22
initializing 10-13
installing 5-5
installing system image 13-22
interfaces described 5-4
logging in 11-5
removing 5-5
restrictions 5-3
session command 11-5
sessioning 11-4, 11-5
setup command 10-13
software requirements 5-2
specifications 5-1
time sources 1-29, A-18
AIP-SSC-5
described 1-22
indicators (illustration) 6-2
indicators (table) 6-2
initializing 10-6
installing 6-2
logging in 11-6
models 1-22
password recovery A-10
removing 6-5
requirements 6-1
resetting A-69
resetting the password A-11
session command 11-6
show module 1 command 6-4
specifications (table) 6-1
verifying status 6-4
AIP-SSM
described 1-24
indicators
described 7-2
illustration 7-2
initializing 10-16
installing 7-3
installing system image 13-25
logging in 11-6
memory specifications 7-2
models 1-24
Normalizer engine A-72
password recovery A-12
recovering A-70
reimaging 13-25
removing 7-5
requirements 7-2
resetting A-69
resetting the password A-13
session command 11-6
setup command 10-16
show module 1 command 7-4
specifications (table) 7-1
time sources 1-30, A-19
verifying status 7-5
alternate TCP reset interface 1-11
Analysis Engine
error messages A-26
IDM exits A-59
verify it is running A-23
anomaly detection disabling A-22
appliances
ACLs 1-2
application partition image 13-11
described 1-18
GRUB menu A-8
initializing 10-7
logging in 11-2
managers 1-18
models 1-18
password recovery A-8
restrictions 1-19
SPAN 1-19
TCP reset 1-2
terminal servers
described 1-19, 11-3, 13-13
setting up 1-19, 11-3, 13-13
time sources 1-28, A-18
upgrading recovery partition 13-6
application partition image recovering 13-11
applying software updates A-56
ARC
blocking not occurring for signature A-45
device access issues A-42
enabling SSH A-45
inactive state A-41
misconfigured MBS A-46
troubleshooting A-39
verifying device interfaces A-44
verifying status A-40
ASA IPS modules
Deny Connection Inline A-73
Deny Packet Inline A-73
Reset TCP Connection A-73
TCP reset packets A-73
ASDM resetting passwords A-12, A-14
asymmetric traffic and disabling anomaly detection A-22
attack responses and TCP reset 1-2
authenticated NTP 1-29, 1-30, A-18
automatic setup 10-1
automatic upgrade
information required 13-7
troubleshooting A-56
autonegotiation for hardware bypass 3-6, 4-7
auto-upgrade-option command 13-7
B
backing up
configuration A-3
current configuration A-4, A-5
back panel features
IPS-4240 2-3
IPS-4255 2-3
IPS-4260 3-7
IPS 4270-20 4-10
basic setup 10-3
blocking not occurring for signature A-45
Bug Toolkit
described A-1
URL A-1
C
cable management arm
converting 4-33
described 4-32
installing 4-29
cable pinouts
console port 1-37
RJ-45 1-37
RJ-45 to DB-25 1-38
RJ-45 to DB-9 1-38
cannot access sensor A-27
Catalyst software
IDSM-2
enabling full memory tests 8-12
powering off 8-15
powering on 8-15
resetting 8-14
cidDump obtaining information A-96
cisco
default password 11-2
default username 11-2
Cisco.com
accessing software 12-1
downloading software 12-1
IPS software 12-1
software downloads 12-1
Cisco IOS software
IDSM-2
enabling full memory tests 8-13
powering down 8-16
powering up 8-16
resetting 8-14
Cisco IPS software files 13-3
Cisco Security Intelligence Operations
described 12-9
URL 12-9
Cisco Services for IPS
service contract 12-11
supported products 12-11
clear events command 1-31, A-20, A-96
clearing
events A-96
statistics A-82
clear password command A-10, A-15
command and control interface
described 1-5
Ethernet 1-2
list 1-5
commands
auto-upgrade-option 13-7
clear events 1-31, A-20, A-96
clear password A-10, A-15
copy backup-config A-3
copy current-config A-3
copy license-key 12-13
debug module-boot A-70
downgrade 13-10
hw-module module 1 reset A-69
hw-module module slot_number password-reset A-11, A-12
session 11-5, 11-10
setup 10-1, 10-3, 10-7, 10-13, 10-16, 10-20, 10-24
show events A-93
show health A-75
show inventory 5-6, 9-5
show module 1 details A-68
show settings A-17
show statistics A-81
show statistics virtual-sensor A-26, A-81
show tech-support A-75
show version A-79
upgrade 13-3, 13-5
configuration files
backing up A-3
merging A-3
configuration restrictions
alternate TCP reset interface 1-11
inline interface pairs 1-11
inline VLAN pairs 1-11
interfaces 1-10
physical interfaces 1-10
VLAN groups 1-12
configuring
automatic upgrades 13-9
maintenance partition
IDSM-2 (Catalyst software) 13-30
IDSM-2 (Cisco IOS software) 13-34
upgrades 13-4
console port pinouts 1-37
converting cable management arm 4-33
copy backup-config command A-3
copy current-config command A-3
copy license-key command 12-13
correcting time on the sensor 1-31, A-20
creating the service account A-6
cryptographic account
Encryption Software Export Distribution Authorization from 12-2
obtaining 12-2
current configuration back up A-3
D
DC power supply (IPS-4240) 2-10
debug logging enable A-48
debug-module-boot command A-70
defaults
password 11-2
username 11-2
device access issues A-42
Diagnostic Panel
accessing 4-42
component list 4-14
illustration 4-14
indicators 4-14
disabling
anomaly detection A-22
password recovery A-16
disaster recovery A-6
displaying
events A-94
health status A-75
password recovery setting A-17
statistics A-82
tech support information A-76
version A-79
downgrade command 13-10
downgrading sensors 13-10
downloading software 12-1
duplicate IP addresses A-30
E
electrical safety guidelines 1-33
enabling
debug logging A-48
full memory tests
Catalyst software 8-12
Cisco IOS software 8-13
Encryption Software Export Distribution Authorization form
cryptographic account 12-2
described 12-2
ESD environment 1-35
Ethernet port indicators
IPS-4240 2-3
IPS-4255 2-3
IPS-4260 3-8
IPS 4270-20 4-11
event display A-94
Event Store and clearing events 1-31, A-20
event types A-92
examples
ASA failover configuration A-71
expansion card interfaces naming conventions 3-4, 4-5
expansion card slots
IPS-4260 3-20, 3-22
IPS 4270-20 4-43
external product interfaces
issues A-24
troubleshooting A-24
F
fail-over testing 3-5, 4-6
fan indicators (IPS 4270-20) 4-50
fans (IPS 4270-20) 4-50
files
Cisco IPS 13-3
IDSM2 password recovery A-15
finding the serial number 5-6, 9-5
front panel indicators
IPS-4240 2-3
IPS4255 2-3
IPS-4260 3-7
IPS 4270-20 4-9
front panel switches
IPS-4260 3-7
IPS 4270-20 4-9
FTP servers supported 13-2
G
grounding lugs (IPS-4260) 3-16
GRUB menu password recovery A-8
guidelines
electrical safety 1-33
power supplies 1-34
rack configuration 1-33
H
hardware bypass
autonegotiation 3-6, 4-7
configuration restrictions 3-5, 4-7
fail-over 3-5, 4-6
IPS-4260 3-4
IPS 4270-20 3-4, 4-6
link status changes and drops 3-6, 4-8, A-26
proper configuration 3-6, 4-7, A-25
supported configurations 3-4, 4-6
with software bypass 3-4, 4-6
HTTP/HTTPS servers 13-2
hw-module module 1 reset command A-69
hw-module module slot_number password-reset command A-11, A-12
I
IDM
Analysis Engine is busy A-59
will not load A-58
IDS appliances unsupported models 1-17
IDSM-2
command and control port A-66
configuring
maintenance partition (Catalyst software) 13-30
maintenance partition (Cisco IOS software) 13-34
described 1-26
enabling full memory tests
Catalyst software 8-12
Cisco IOS software 8-13
front panel 8-3
hot swapping 8-4, 8-8
initializing 10-20
installing
procedure 8-5
required tools 8-4
system image (Catalyst software) 13-28
system image (Cisco IOS software) 13-30
logging in 11-8
PFC 8-5
powering down
Cisco IOS software 8-16
powering off
Catalyst software 8-15
powering on
Catalyst software 8-15
powering up
Cisco IOS software 8-16
reimaging 13-28
removing 8-10
requirements 8-2
resetting
Catalyst software 8-14
Cisco IOS software 8-14
described 8-13
sessioning 11-8
setup command 10-20
shutdown
button 8-3
command 8-3
described 8-11
slot assignments 8-5
SPAN 1-26
specifications 8-1
status indicator 8-3
supported configurations 8-2, A-63
TCP reset port 8-3, A-68
time sources 1-29, A-18
upgrading
maintenance partition (Catalyst software) 13-38
maintenance partition (Cisco IOS software) 13-38
VACLs 1-26
verifying installation 8-9
IDSM2
installing
system image (Cisco IOS software) 13-29
password recovery A-14
password recovery image file A-15
IDS switch modules unsupported models 1-18
IME time synchronization problems A-61
initializing
AIM-IPS 10-13
AIP-SSC-5 10-6
AIP-SSM 10-16
appliances 10-7
IDSM-2 10-20
NME-IPS 10-24
sensors 10-1, 10-3
user roles 10-1
verifying 10-27
inline interface pair mode
configuration restrictions 1-11
described 1-14
inline VLAN pair mode
configuration restrictions 1-11
described 1-15
supported sensors 1-15
installation preparation 1-32
installer major version 12-5
installer minor version 12-5
installing
AIM-IPS 5-5
AIP-SSC-5 6-2
AIP-SSM 7-3
cable management arm 4-29
fans (IPS 4270-20) 4-50
IPS-4240 2-8
IPS-4255 2-8
IPS-4260 3-16
IPS 4270-20 4-36
license key 12-13
NME-IPS 9-5
sensor license 12-12
system image
AIP-SSM 13-25
IDSM-2 (Catalyst software) 13-28
IDSM-2 (Cisco IOS software) 13-30
IDSM2 (Cisco IOS software) 13-29
IPS-4240 13-14
IPS-4255 13-14
IPS-4260 13-17
IPS 4270-20 13-19
NME-IPS 13-39
interface cards
IPS-4260
10GE card 3-3
2SX card 3-3
4GE card 3-2
installing 3-20
removing 3-20
IPS 4270-20
10GE card 4-4
2SX card 4-4
4GE card 4-3
installing 4-43
removing 4-43
interfaces
alternate TCP reset 1-5
command and control 1-5
configuration restrictions 1-10
described 1-4
port numbers 1-4
sensing 1-5, 1-6
slot numbers 1-4
support (table) 1-6
TCP reset 1-9
VLAN groups 1-5
internal health information (IPS 4270-20) 4-43
introducing
AIM-IPS 1-20
AIP-SSC-5 1-22
AIP-SSM 1-24
IDSM-2 1-26
NME-IPS 1-27
IPS-4240
accessories 2-5
back panel
illustration 2-3
indicators 2-3
described 2-1
features 2-2
front panel
illustration 2-2
indicators 2-3
installing 2-8
installing DC power supply 2-10
installing system image 13-14
introducing 2-1
password recovery A-9
rack mounting 2-6
reimaging 13-14
specifications 2-4
IPS-4255
accessories 2-5
back panel (illustration) 2-3
front panel
illustration 2-2
indicators 2-3
installing 2-8
installing system image 13-14
introducing 2-1
password recovery A-9
rack mounting 2-6
reimaging 13-14
specifications 2-4
IPS-4260
4GE bypass interface card 3-2
accessories kit 3-9
back panel features 3-7
chassis cover
removing 3-19
replacing 3-19
described 3-1
Ethernet port indicators 3-8
expansion card slots 3-20, 3-22
features 3-6
front panel
indicators 3-7
switches 3-7
grounding lugs 3-16
hardware bypass 3-4
installing 3-16
installing interface cards 3-20
installing system image 13-17
interface naming conventions 3-4
network ports 3-2
performance 3-2
power supplies 3-2
power supply indicators 3-8
rack mounting
2-post 3-13
4-post 3-10
reimaging 13-17
removing interface cards 3-20
sensing interfaces 3-2
specifications 3-9
supported interface cards 3-2
IPS 4270-20
4GE bypass interface card 4-2
accessing Diagnostic Panel 4-42
accessories kit 4-16
back panel features 4-10
chassis cover
removing 4-40
replacing 4-40
converting cable management arm 4-33
described 4-1
Diagnostic Panel
described 4-14
illustration 4-14
Ethernet port indicators
described 4-11
illustration 4-11
expansion card slots 4-43
extending from a rack 4-27
fan connector and indicator (illustration) 4-50
fan indicators 4-50
fans 4-50
features 4-8
front panel
indicators 4-9
switches 4-9
front view (illustration) 4-8
hardware bypass 3-4, 4-6
hot-pluggable power supplies 4-45
installation 4-36
installing
cable management arm 4-29
fans 4-50
in a rack 4-18
interface cards 4-43
power supplies 4-45
installing system image 13-19
interface naming conventions 4-5
maximum rack depth 4-17
network ports 4-2
performance 4-2
power supplies
described 4-3
indicators 4-12
rack requirements 4-17
rail system kit
described 4-16
minimum rack depth 4-17
redundant power supplies 4-45
reimaging 13-19
removing
interface cards 4-43
power supplies 4-45
sensing interfaces 4-2
shallow rack installation 4-19
specifications 4-15
switches and indicators (illustration) 4-9
T-15 Torx screwdriver 4-45
IPS appliances
Deny Connection Inline A-73
Deny Packet Inline A-73
Reset TCP Connection A-73
TCP reset packets A-73
IPS modules time synchronization 1-30, A-19
IPS software
available files 12-1
obtaining 12-1
platform-dependent release examples 12-6
IPS software file names
major updates (illustration) 12-4
minor updates (illustration) 12-4
patch releases (illustration) 12-4
service packs (illustration) 12-4
IPv6
SPAN ports 1-13
switches 1-13
L
license key
installation 12-13
trial 12-10
licensing
described 12-10
IPS device serial number 12-10
Licensing pane
configuring 12-12
described 12-10
limitations for concurrent CLI sessions 2-1, 3-1, 4-1, 5-1, 6-1, 7-1, 8-1, 9-1, 11-1
logging in
AIM-IPS 11-5
AIP-SSC-5 11-6
AIP-SSM 11-6
appliances 11-2
IDSM-2 11-8
NME-IPS 11-10
sensors
SSH 11-11
Telnet 11-11
service role 11-2
terminal servers 1-19, 11-3, 13-13
user role 11-1
loose connections and sensors 4-52, A-26
M
maintenance partition
configuring
IDSM-2 (Catalyst software) 13-30
IDSM-2 (Cisco IOS software) 13-34
major updates described 12-3
manual block to bogus host A-45
master blocking sensor not set up properly A-46
merging configuration files A-3
MIBs supported A-21
minor updates described 12-3
modes
IDS 1-1
inline interface pair 1-14
inline VLAN pair 1-15
IPS 1-1
promiscuous 1-12
VLAN Groups 1-15
modules
AIM-IPS
described 1-20
specifications 5-1
AIP-SSC-5
described 1-22
specifications 6-1
AIP-SSM
described 1-24
memory specifications 7-2
specifications 7-1
IDSM-2 1-26, 8-3, 8-4, 8-5, 8-10
NME-IPS
described 1-27
specifications 9-1
N
Network Timing Protocol. See NTP.
NME-IPS
illustration 1-28
initializing 10-24
installing system image 13-39
introducing 1-27
logging in 11-10
reimaging 13-39
restrictions 9-3
session command 11-10
sessioning 11-9, 11-10
setup command 10-24
software requirements 9-2
specifications 9-1
time sources 1-29, A-18
verifying installation 5-6, 9-6
NTP
authenticated 1-29, 1-30, A-18
described 1-28, A-18
incorrect configuration 1-30, A-19
time synchronization 1-28, A-18
unauthenticated 1-29, 1-30, A-18
verifying configuration 1-31
O
obtaining
cryptographic account 12-2
IPS sofware 12-1
P
password recovery
AIM-IPS A-10
AIP-SSC-5 A-10
AIP-SSM A-12
appliances A-8
CLI A-16
described A-8
disabling A-16
GRUB menu A-8
IDSM2 A-14
IPS-4240 A-9
IPS-4255 A-9
NME-IPS A-15
platforms A-8
ROMMON A-9
troubleshooting A-17
verifying A-17
patch releases described 12-3
performance (IPS 4270-20) 4-2
PFC described 8-5
physical connectivity issues A-34
physical interfaces configuration restrictions 1-10
platforms concurrent CLI sessions 2-1, 3-1, 4-1, 5-1, 6-1, 7-1, 8-1, 9-1, 11-1
Policy Feature Card. See PFC.
powering down
IDSM-2 (Cisco IOS software) 8-16
powering off
IDSM-2 (Catalyst software) 8-15
powering on
IDSM-2 (Catalyst software) 8-15
powering up
IDSM-2 (Cisco IOS software) 8-16
power supplies
hot-pluggable (IPS 4270-20) 4-45
IPS 4270-20
installing 4-45
removing 4-45
redundant (IPS 4270-20) 4-45
power supply guidelines 1-34
power supply indicators
IPS-4260 3-8
IPS 4270-20 4-12
preparing for sensor installation 1-32
prerequisites
AIM-IPS 5-2, 9-2
NME-IPS 5-2, 9-2
promiscuous mode
described 1-12
packet flow 1-12
SPAN ports 1-13
VACL capture 1-13
R
rack
airflow requirements 4-17
configuration guidelines 1-33
IPS 4270-20
extension 4-27
installation 4-18
requirements 4-17
space requirements 4-17
rack mounting
IPS-4260
2-post 3-13
4-post 3-10
rail system
maximum rack depth 4-17
minimum rack depth 4-17
rack hole-types (illustration) 4-16
round holes 4-16
square holes 4-16
threaded holes 4-16
rail system kit
cable management arm 4-29, 4-32
contents 4-17
IPS 4270-20 4-16
required tools 4-17
recover command 13-11
recovering
AIP-SSM A-70
application partition image 13-11
recovery partition upgrade 13-6
reimaging
AIM-IPS 13-22
AIP-SSM 13-25
appliances 13-11
described 13-1
IDSM-2 13-28
IPS-4240 13-14
IPS-4255 13-14
IPS-4260 13-17
IPS 4270-20 13-19
NME-IPS 13-39
sensors 12-8, 13-1
removing
AIM-IPS 5-5
AIP-SSC-5 6-5
AIP-SSM 7-5
chassis cover
IPS-4260 3-19
IPS 4270-20 4-40
last applied
service pack 13-10
signature update 13-10
replacing
chassis cover
IPS-4260 3-19
IPS 4270-20 4-40
requirements
AIP-SSC-5 6-1
AIP-SSM 7-2
racks
airflow 4-17
space 4-17
reset not occurring for a signature A-54
resetting
AIP-SSC-5 A-69
AIP-SSM A-69
IDSM-2 8-13
passwords
ASDM A-12, A-14
hw-module command A-11, A-12
resetting the password
AIP-SSC-5 A-11
AIP-SSM A-13
restoring the current configuration A-4, A-5
restrictions
AIM-IPS 5-3
NME-IPS 9-3
RJ-45 cable pinouts 1-37
RJ-45 to DB2-5 cable pinouts 1-38
RJ-45 to DB-9 cable pinouts 1-38
ROMMON
described 13-13
IPS-4240 13-14
IPS-4255 13-14
IPS-4260 13-17
IPS 4270-20 13-17, 13-19
password recovery A-9
remote sensors 13-13
serial console port 13-13
TFTP 13-13
round-trip time. See RTT.
RTT
described 13-13
TFTP limitation 13-13
S
scheduling automatic upgrades 13-9
security
information on Cisco Security Intelligence Operations 12-9
sensing interfaces
described 1-6
interface cards 1-6
modes 1-6
sensors
access problems A-27
AIP-SSC-5 1-22
AIP-SSM 1-24
asymmetric traffic and disabling anomaly detection A-22
capturing traffic 1-1
comprehensive deployment 1-1
Comprehensive Deployment Solutions (illustration) 1-1
corrupted SensorApp configuration A-38
disaster recovery A-6
downgrading 13-10
electrical guidelines 1-33
IDS mode 1-1
incorrect NTP configuration 1-30, A-19
initializing 10-1, 10-3
interface support 1-6
IP address conflicts A-30
IPS mode 1-1
license 12-12
logging in
SSH 11-11
Telnet 11-11
loose connections 4-52, A-26
misconfigured access lists A-30
models 1-17
network topology 1-3
no alerts A-35, A-60
not seeing packets A-37
NTP time synchronization 1-28, A-18
physical connectivity A-34
power supply guidelines 1-34
preparing for installation 1-32
preventive maintenance A-2
process not running A-32
rack configuration guidelines 1-33
recovering the system image 12-8
reimaging 12-8, 13-1
sensing process not running A-32
setup command 10-1, 10-3, 10-7
site guidelines 1-32
supported 1-17
system images 12-8
TCP reset 1-2
time sources 1-28, A-18
troubleshooting software upgrades A-57
unsupported 1-17
upgrading 13-4
serial number and the show inventory command 5-6, 9-5
service account
creating A-6
described A-5
service-module ids-sensor slot/port session command 11-4, 11-9
service packs described 12-3
service role 11-2
session command
AIM-IPS 11-5
AIP-SSC-5 11-6
AIP-SSM 11-6
IDSM-2 11-8
NME-IPS 11-10
sessioning
AIM-IPS 11-5
AIP-SSM 11-6
IDSM-2 11-8
NME-IPS 11-10
setting up terminal servers 1-19, 11-3, 13-13
setup
automatic 10-1
command 10-1, 10-3, 10-7, 10-13, 10-16, 10-20, 10-24
simplified mode 10-1
shallow rack installation (IPS 4270-20) 4-19
show events command A-92, A-93
show health command A-75
show interfaces command A-91
show inventory command 5-6, 9-5
show module 1 details command A-68
show settings command A-17
show statistics command A-81
show statistics virtual-sensor command A-26, A-81
show tech-support command A-75
show version command A-78, A-79
signature/virus update files described 12-4
signature engine update files described 12-4
signatures and no TCP reset A-54
site guidelines 1-32
slot assignments
IDSM-2 8-5
supervisor engines 8-5
SNMP supported MIBs A-21
software bypass
supported configurations 3-4, 4-6
with hardware bypass 3-4, 4-6
software downloads Cisco.com 12-1
software file names
recovery (illustration) 12-5
signature/virus updates (illustration) 12-4
signature engine updates (illustration) 12-5
system image (illustration) 12-5
software release examples
platform-dependent 12-6
platform identifiers 12-7
platform-independent 12-6
software requirements
AIM-IPS 5-2
NME-IPS 9-2
software updates
supported FTP servers 13-2
supported HTTP/HTTPS servers 13-2
SPAN
appliances 1-19
IDSM-2 1-26
port issues A-34
specifications
AIM-IPS 5-1
AIP-SSC-5 6-1
AIP-SSM 7-1
IDSM-2 8-1
IPS-4240 2-4
IPS-4255 2-4
IPS-4260 3-9
IPS 4270-20 4-15
NME-IPS 9-1
subinterface 0 described 1-16
supported
FTP servers 13-2
HTTP/HTTPS servers 13-2
IDSM-2 configurations 8-2, A-63
switch commands for troubleshooting A-63
Switched Port Analyzer. See SPAN.
System Configuration Dialog
described 10-2
example 10-2
system image
installing
IDSM2 (Cisco IOS software) 13-29
IPS-4240 13-14
IPS-4255 13-14
IPS-4260 13-17
system images sensors 12-8
T
T-15 Torx screwdriver (IPS 4270-20) 4-45
TAC
service account A-5
show tech-support command A-75
TCP reset interfaces
conditions 1-10
described 1-9
list 1-10
TCP resets
described 1-2
IDSM-2 port 8-3, A-68
not occurring A-54
terminal server setup 1-19, 11-3, 13-13
testing fail-over 3-5, 4-6
TFTP servers
maximum file size limitation 13-13
RTT 13-13
time and the sensor 1-28, A-18
time correction on the sensor 1-31, A-20
time sources
AIM-IPS 1-29, A-18
AIP-SSM 1-30, A-19
appliances 1-28, A-18
IDSM-2 1-29, A-18
NME-IPS 1-29, A-18
time synchronization (IPS modules) 1-30, A-19
trial license key 12-10
troubleshooting
AIP-SSC-5 reset A-69
AIP-SSM
commands A-68
debugging A-70
failover scenarios A-71
recovering A-70
reset A-69
Analysis Engine busy A-59
applying software updates A-56
ARC
blocking not occurring for signature A-45
device access issues A-42
enabling SSH A-45
inactive state A-41
misconfigured MBS A-46
verifying device interfaces A-44
automatic update A-56
cannot access sensor A-27
cidDump A-96
cidLog messages to syslog A-53
communication A-27
corrupted SensorApp configuration A-38
debug logger zone names (table) A-52
debug logging A-48
Diagnostic Panel (IPS 4270-20) 4-42
disaster recovery A-6
duplicate sensor IP addresses A-30
enabling debug logging A-48
external product interfaces A-24
gathering information A-74
IDM cannot access sensor A-59
IDM will not load A-58
IDSM-2
command and control port A-66
diagnosing problems A-62
not online A-65, A-66
serial cable A-68
status indicator A-64
switch commands A-63
IME time synchronization A-61
IPS modules time drift 1-30, A-19
manual block to bogus host A-45
misconfigured access list A-30
no alerts A-35, A-60
NTP A-54
password recovery A-17
physical connectivity issues A-34
preventive maintenance A-2
reset not occurring for a signature A-54
sensing process not running A-32
sensor events A-92
sensor loose connections 4-52, A-26
sensor not seeing packets A-37
sensor software upgrade A-57
service account A-5
show events command A-92
show interfaces command A-91
show statistics command A-81
show tech-support command A-75, A-77
show version command A-78
software upgrades A-55
SPAN port issue A-34
upgrading to 6.x A-55
verifying Analysis Engine is running A-23
verifying ARC status A-40
U
unassigned VLAN groups described 1-16
unauthenticated NTP 1-29, 1-30, A-18
unsupported sensors 1-17
upgrade command 13-3, 13-5
upgrading
maintenance partition
IDSM-2 (Catalyst software) 13-38
IDSM-2 (Cisco IOS software) 13-38
minimum required version 12-7
recovery partition 13-6, 13-11
to 6.2 12-7
to 6.x A-55
URLs for Cisco Security Intelligence Operations 12-9
using
debug logging A-48
TCP reset interfaces 1-10
V
VACLs and IDSM-2 1-26
verifying
IDSM-2 installation 8-9
NME-IPS installation 5-6, 9-6
NTP configuration 1-31
password recovery A-17
sensor initialization 10-27
sensor setup 10-27
VLAN access control list. See VACL.
VLAN groups
802.1q encapsulation 1-16
configuration restrictions 1-12
deploying 1-16
described 1-15
switches 1-16