Cisco Systems IPS4520K9 Network Router User Manual


 
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
OL-24002-01
Chapter 1 Introducing the Sensor
How the Sensor Functions
There are three interface roles:
- Command and control
- Sensing
- Alternate TCP reset
There are restrictions on which roles you can assign to specific interfaces, and some interfaces have
multiple roles. You can configure any sensing interface to use any other sensing interface as its TCP reset
interface. The TCP reset interface can also serve as an IDS (promiscuous) sensing interface at the same
time. The following restrictions apply:
- The TCP reset interface that is assigned to a sensing interface has no effect in inline interface or
  inline VLAN pair mode, because TCP resets are always sent on the sensing interfaces in those
  modes.
- There is only one sensing interface on the ASA IPS modules (ASA 5500 AIP SSM,
  ASA 5500-X IPS SSP and ASA 5585-X IPS SSP), so you cannot designate an alternate TCP reset
  interface.
- On the IPS 4510 and IPS 4520, no interface-related configurations are allowed when the SensorApp
  is down.
Command and Control Interface
The command and control interface has an IP address and is used for configuring the sensor. It receives
security and status events from the sensor and queries the sensor for statistics. The command and control
interface is permanently enabled. It is permanently mapped to a specific physical interface, which
depends on the specific model of sensor. You cannot use the command and control interface as either a
sensing or alternate TCP reset interface.
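The role restrictions in this section can be checked against a planned interface layout before it is applied. The following is an added example, not Cisco code: the plan layout, the sensing interface names in the sample, and the rule that any model name starting with "ASA " is an ASA IPS module are assumptions.

```python
# Added example: the plan layout and the interface names in it are hypothetical.
# A few rows of Table 1-1 (sensor -> command and control interface).
COMMAND_AND_CONTROL = {
    "ASA 5500 AIP SSM-10": "GigabitEthernet 0/0",
    "ASA 5512-X IPS SSP": "Management 0/0",
    "IPS 4240": "Management 0/0",
}
INLINE_MODES = {"inline interface", "inline VLAN pair"}


def is_asa_module(model):
    # Assumption: every model name starting with "ASA " is an ASA IPS module.
    return model.startswith("ASA ")


def audit(model, assignments):
    """Return (severity, message) findings for a list of sensing assignments."""
    cc = COMMAND_AND_CONTROL.get(model)
    if cc is None:
        return [("error", f"{model}: not in the copied rows of Table 1-1")]
    findings = []
    for a in assignments:
        sensing, mode, reset = a["sensing"], a["mode"], a.get("alt_tcp_reset")
        if sensing == cc:
            findings.append(("error", f"{sensing} is command and control, cannot sense"))
        if reset is None:
            continue
        if reset == cc:
            findings.append(("error", f"{reset} is command and control, cannot be TCP reset"))
        if reset == sensing:
            findings.append(("error", f"{sensing}: TCP reset must be another interface"))
        if is_asa_module(model):
            findings.append(("error", f"{model}: one sensing interface, no alternate TCP reset"))
        elif mode in INLINE_MODES:
            findings.append(("warning", f"{sensing}: alternate TCP reset ignored in {mode} mode"))
    return findings


# Constructed sample plan for an IPS 4240.
SAMPLE = [
    {"sensing": "GigabitEthernet 0/0", "mode": "promiscuous", "alt_tcp_reset": "GigabitEthernet 0/1"},
    {"sensing": "GigabitEthernet 0/2", "mode": "inline interface", "alt_tcp_reset": "GigabitEthernet 0/3"},
    {"sensing": "Management 0/0", "mode": "promiscuous"},
]

if __name__ == "__main__":
    for severity, message in audit("IPS 4240", SAMPLE):
        print(severity, message)
```
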
Table 1-1 lists the command and control interfaces for each sensor.
Table 1-1 Command and Control Interfaces

Sensor                   Command and Control Interface
ASA 5500 AIP SSM-10      GigabitEthernet 0/0
ASA 5500 AIP SSM-20      GigabitEthernet 0/0
ASA 5500 AIP SSM-40      GigabitEthernet 0/0
ASA 5512-X IPS SSP       Management 0/0
ASA 5515-X IPS SSP       Management 0/0
ASA 5525-X IPS SSP       Management 0/0
ASA 5545-X IPS SSP       Management 0/0
ASA 5555-X IPS SSP       Management 0/0
ASA 5585-X IPS SSP-10    Management 0/0
ASA 5585-X IPS SSP-20    Management 0/0
ASA 5585-X IPS SSP-40    Management 0/0
ASA 5585-X IPS SSP-60    Management 0/0
IPS 4240                 Management 0/0
IPS 4255                 Management 0/0