Filter
Top Products
1-6
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
OL-24002-01
Chapter 1 Introducing the Sensor
How the Sensor Functions
Sensing Interfaces
Sensing interfaces are used by the sensor to analyze traffic for security violations. A sensor has one or
more sensing interfaces depending on the sensor. Sensing interfaces can operate individually in
promiscuous mode or you can pair them to create inline interfaces.
Note
On appliances, all sensing interfaces are disabled by default. You must enable them to use them. On
modules, the sensing interfaces are permanently enabled.
Some appliances support optional interface cards that add sensing interfaces to the sensor. You must
insert or remove these optional cards while the sensor is powered off. The sensor detects the addition or
removal of a supported interface card. If you remove an optional interface card, some of the interface
configuration is deleted, such as the speed, duplex, description string, enabled/disabled state of the
interface, and any inline interface pairings. These settings are restored to their default settings when the
card is reinstalled. However, the assignment of promiscuous and inline interfaces to the Analysis Engine
is not deleted from the Analysis Engine configuration, but is ignored until those cards are reinserted and
you create the inline interface pairs again.
Interface Support
Table 1-2 describes the interface support for appliances and modules running Cisco IPS.
IPS 4260 Management 0/0
IPS 4270-20 Management 0/0
IPS 4345 Management 0/0
IPS 4360 Management 0/0
IPS 4510 Management 0/0
1
IPS 4520 Management 0/0
1
1. The 4500 series sensors have two management ports, Management 0/0 and
Management 0/1, but Management 0/1 is reserved for future use.
Table 1-1 Command and Control Interfaces (continued)
Sensor Command and Control Interface
Table 1-2 Interface Support
Base Chassis
Added
Interface
Cards
Interfaces Supporting
Inline VLAN Pairs
(Sensing Ports)
Combinations Supporting
Inline Interface Pairs
Interfaces Not
Supporting Inline
(Command and Control
Port)
ASA 5500 AIP SSM-10 — GigabitEthernet 0/1 by
security context instead of
VLAN pair or inline
interface pair
GigabitEthernet 0/1 by
security context instead of
VLAN pair or inline
interface pair
GigabitEthernet 0/0
ASA 5500 AIP SSM-20 — GigabitEthernet 0/1 by
security context instead of
VLAN pair or inline
interface pair
GigabitEthernet 0/1 by
security context instead of
VLAN pair or inline
interface pair
GigabitEthernet 0/0