Filter
Top Products
B-16
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
OL-24002-01
Appendix B Initializing the Sensor
Advanced Setup
no login-banner-text
exit
time-zone-settings
offset 0
standard-time-zone-name UTC
exit
summertime-option disabled
ntp-option disabled
exit
service web-server
port 342
exit
service analysis-engine
virtual-sensor newVs
description New Sensor
signature-definition newSig
event-action-rules rules0
anomaly-detection
anomaly-detection-name ad0
exit
physical-interfaces GigabitEthernet0/1
exit
exit
service event-action-rules rules0
overrides deny-packet-inline
override-item-status Disabled
risk-rating-range 90-100
exit
exit
[0] Go to the command prompt without saving this config.
[1] Return back to the setup without saving this config.
[2] Save this configuration and exit setup.
Step 22
Enter
2
to save the configuration.
Enter your selection[2]: 2
Configuration Saved.
Step 23
Reboot the ASA 5500 AIP SSM.
aip-ssm# reset
Warning: Executing this command will stop all applications and reboot the node.
Continue with reset? []:
Step 24
Enter
yes
to continue the reboot.
Step 25
After reboot, log in to the sensor, and display the self-signed X.509 certificate (needed by TLS).
aip-ssm# show tls fingerprint
MD5: C4:BC:F2:92:C2:E2:4D:EB:92:0F:E4:86:53:6A:C6:01
SHA1: 64:9B:AC:DE:21:62:0C:D3:57:2E:9B:E5:3D:04:8F:A7:FD:CD:6F:27
Step 26
Write down the certificate fingerprints. You need the fingerprints to check the authenticity of the
certificate when using HTTPS to connect to this ASA 5500 AIP SSM with a web browser.
Step 27
Apply the most recent service pack and signature update. You are now ready to configure your
ASA 5500 AIP SSM for intrusion prevention.