Cisco Systems 2.5 Network Router User Manual
Chapter 27 Cisco IOS IPS
Edit IPS
27-24
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Enable Engine Fail Closed
By default, while the Cisco IOS software compiles a new signature for a particular
engine, it allows packets to pass through without scanning for the corresponding
engine. Enable this option to make the Cisco IOS software drop packets during
the compilation process.
Enable Deny Action on IPS interface
This option is applicable if signature actions are configured to
“denyAttackerInline” or “denyFlowInline.” By default, Cisco IOS IPS applies
ACLs to the interfaces from which attack traffic came, and not to Cisco IOS IPS
interfaces. Enabling this option causes Cisco IOS IPS to apply the ACLs directly
to the Cisco IOS IPS interfaces, and not to the interfaces that originally received
the attack traffic. If the router is not performing load balancing, do not enable this
setting. If the router is performing load balancing, we recommend that you enable
this setting.
Edit IPS Prerequisites
The Edit IPS Prerequisites dialog contains tabs for the following categories of
information. Click on a link for the information that you want to see:
Config Location Tab
Category Selection Tab
Public Key Tab
Config Location Tab
If a config location has been configured on the router, you can edit it. If none has
been configured, you can click Add and configure one. The Add button is disabled
if a config location is already configured. The Edit button is disabled when no
config location has been configured. See Create IPS: Configuration File Location
and Category for more information.
Category Selection Tab
If you specify a signature category, SDM configures the router with a subset of
signatures appropriate for a specific amount of router memory. You can also
remove an existing category configuration if you want to remove category
constraints when selecting signatures.
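The options described on this page (engine fail closed, deny action on the IPS interface, the config location and the signature category) each leave a trace in the router's running configuration. The following audit script is an added example, not part of the SDM guide or Cisco's tooling: it scans a constructed running-config excerpt and reports which of these settings are present, flagging the combinations the text warns about. The CLI forms it matches (ip ips fail closed, ip ips deny-action ips-interface, ip ips config location, ip ips signature-category) are assumed to be the command equivalents of the SDM options; check them against your IOS release.

```python
"""Audit a Cisco IOS running-config for the IPS options covered on this page."""
import re

# Constructed sample running-config; not captured from any real router.
SAMPLE_CONFIG = """\
!
ip ips config location flash:/ips/ retries 1
ip ips notify SDEE
ip ips name sdm_ips_rule
!
ip ips signature-category
 category all
  retired true
 category ios_ips basic
  retired false
!
ip ips deny-action ips-interface
!
interface FastEthernet0/0
 ip ips sdm_ips_rule in
!
"""


def audit_ips_config(config: str, load_balancing: bool = False) -> dict:
    """Return findings for the IPS options on this page.

    Command syntax is assumed (see lead-in); 'load_balancing' states whether
    the router load-balances, which decides if deny-action on the IPS
    interface is the recommended setting.
    """
    lines = [ln.rstrip() for ln in config.splitlines()]
    present = lambda pat: any(re.match(pat, ln) for ln in lines)  # noqa: E731
    fail_closed = present(r"ip ips fail closed\b")
    deny_on_ips_if = present(r"ip ips deny-action ips-interface\b")
    config_loc = present(r"ip ips config location\b")
    # Category lines are indented under 'ip ips signature-category'.
    categories = [m.group(1) for ln in lines
                  if (m := re.match(r"\s+category (.+)$", ln))]
    issues = []
    if not fail_closed:
        issues.append("fail-open: packets pass unscanned while an engine compiles")
    if deny_on_ips_if and not load_balancing:
        issues.append("deny-action on IPS interface enabled without load balancing")
    if load_balancing and not deny_on_ips_if:
        issues.append("router load-balances but deny-action on IPS interface is off")
    if not config_loc:
        issues.append("no IPS config location configured")
    return {"fail_closed": fail_closed, "deny_action_on_ips_interface": deny_on_ips_if,
            "config_location_set": config_loc, "categories": categories, "issues": issues}
```

Running `audit_ips_config(SAMPLE_CONFIG)` on the embedded sample reports the fail-open default and the deny-action setting enabled on a router that does not load balance.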