Cisco Systems OL-16647-01 Network Router User Manual


28-6
Cisco ASDM User Guide
OL-16647-01
Chapter 28 Configuring IPS
Diverting Traffic to the AIP SSM
Step 1 In the ASDM Device List pane, double-click System under the active device IP address.
Step 2 On the Context Management > Security Contexts pane, choose a context that you want to configure, and
click Edit.
The Edit Context dialog box appears. For more information about configuring contexts, see the
“Configuring Security Contexts” section on page 10-16.
Step 3 In the IPS Sensor Allocation area, click Add.
The IPS Sensor Selection dialog box appears.
Step 4 From the Sensor Name drop-down list, choose a sensor name from those configured on the AIP SSM.
Step 5 (Optional) To assign a mapped name to the sensor, enter a value in the Mapped Sensor Name field.
This sensor name can be used within the context instead of the actual sensor name. If you do not specify
a mapped name, the sensor name is used within the context. For security purposes, you might not want
the context administrator to know which sensors are being used by the context. Or you might want to
genericize the context configuration. For example, if you want all contexts to use sensors called
“sensor1” and “sensor2,” then you can map the “highsec” and “lowsec” sensors to sensor1 and sensor2
in context A, but map the “medsec” and “lowsec” sensors to sensor1 and sensor2 in context B.
Step 6 Click OK to return to the Edit Context dialog box.
Step 7 (Optional) To set one sensor as the default sensor for this context, from the Default Sensor drop-down
list, choose a sensor name.
If you do not specify a sensor name when you configure IPS within the context configuration, the context
uses this default sensor. You can only configure one default sensor per context. If you do not specify a
sensor as the default, and the context configuration does not include a sensor name, then traffic uses the
default sensor on the AIP SSM.
Step 8 Repeat this procedure for each security context.
Step 9 Change to each context to configure the IPS security policy as described in the “Diverting Traffic to
the AIP SSM” section on page 28-6.
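The sensor mapping from Step 5 and the default sensor from Step 7, written as the equivalent ASA CLI (an added example, not part of the Cisco guide). The contexts A and B and the sensor names come from the example in Step 5; the class map and policy map names, the `outside` interface, the `inline fail-open` mode, and the choice of sensor1 as each context's default are assumptions made for illustration.

```cisco
! --- System execution space: allocate sensors to each context ---
! Syntax: allocate-ips sensor_name [mapped_name] [default]
context A
  ! Context A sees "highsec" as sensor1 and "lowsec" as sensor2.
  allocate-ips highsec sensor1 default
  allocate-ips lowsec sensor2
context B
  ! Context B sees "medsec" as sensor1 and "lowsec" as sensor2.
  allocate-ips medsec sensor1 default
  allocate-ips lowsec sensor2

! --- Inside context A or context B: the same text works in both ---
! The context administrator only ever refers to the mapped names.
! ips_traffic and ips_policy are hypothetical names.
class-map ips_traffic
  match any
policy-map ips_policy
  class ips_traffic
    ! Explicit sensor: resolves to highsec in A, medsec in B.
    ips inline fail-open sensor sensor1
service-policy ips_policy interface outside

! If the "sensor sensor1" argument is omitted, the context falls back
! to the sensor marked "default" in its allocation. If no allocation
! is marked default either, traffic uses the AIP SSM's default sensor.
```

Because both contexts expose the same mapped names, one policy template can be reused across contexts while the system administrator alone controls which physical sensor each name points to.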
Diverting Traffic to the AIP SSM
To identify traffic to divert from the adaptive security appliance to the AIP SSM, perform the following
steps. In multiple context mode, perform these steps in each context execution space.
This feature is enabled using Service Policy rules. See Chapter 22, “Configuring Service Policy Rules,”
for detailed information about creating a service policy.
Step 1 In the ASDM Device List pane, double-click the context name under the active device IP address >
Contexts.
Step 2 Click Configuration > Firewall > Service Policy Rules.
Step 3 You can edit an existing rule or create a new one:
  - For an existing rule, choose the rule and click Edit.
    The Edit Service Policy Rule dialog box appears.
  - For a new rule, choose Add > Add Service Policy Rule.