Cisco ASA 5585-X described 9-2 installing ASA 5585-X IPS SSP 9-13 models 9-
2 removing ASA 5585-X IPS SSP 9-13. Cisco Security Intelligence Operations.
INDEX
alternate TCP reset interface
Numerics
configuration restrictions 10BaseT cable pinouts appliance
F-1
ASA 5585-X
F-1
designating
1-12
restrictions
1-5
Analysis Engine
2SX card
error messages
described
4-3, 5-4
illustration
errors
4-4, 5-5
E-55
sensing interfaces
configuration restrictions
4-5, 5-6
verify it is running
4-3, 4-5, 5-4, 5-6
illustration
E-23
E-51
IDM exits
4GE bypass interface card described
1-13
1-6 E-19
anomaly detection disabling
4-3, 5-4
E-18
appliance
802.1q encapsulation for VLAN groups
1-18
cable pinouts (10BaseT)
F-1
cable pinouts(10BaseT)
F-1
appliances
A
ACLs
1-2
access control list. See ACL.
described
accessing
GRUB menu
Diagnostic Panel (IPS 4270-20) IPS software
C-1
service account
E-5
access list misconfiguration
E-26
ACL changes
B-8
logging in
A-2
managers
1-21
models
1-21
restrictions
1-3
TCP reset
1-3
described
8-2 9-2
2-1
1-22
1-21 1-2
terminal servers
adaptive security appliance ASA 5585-X IPS SSP
SPAN
TCP reset
1-2
ASA 5500 AIP SSM
E-8
preparing for installation
1-2
multiple packet drop
models
initializing
E-8
password recovery
actions IP logs
5-42
1-21
8-2 9-2
described
1-22, A-3, D-13
setting up
1-22, A-3, D-13
time sources
1-23, E-15
upgrading recovery partition
D-6
application partition image recovery
D-11
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1 OL-24002-01
IN-1
Index
applying software updates
sessioning in
E-52
ARC
A-5
setup command
blocking not occurring for signature device access issues
E-41
time soruces
B-17
1-23, E-15
ASA 5585-X
E-39
enabling SSH
E-41
cable pinouts 10BaseT
inactive state
E-37
slide rail kit hardware installation
misconfigured master blocking sensor troubleshooting
verifying device interfaces
E-40
indicators described
installing
8-5
interfaces
8-5
recovering
E-61
requirements
8-7
8-4
9-2 A-6
session command sessioning in
password recovery
E-11
reimaging
D-23
removing
9-9, 9-13
setup command
sessioning in
B-13
show module 1 command specifications
A-6
B-21
show module 1 command slot 1
8-7
ASA 5500-X IPS SSP
time sources
9-3 1-23, E-15
verifying status
A-5
9-12
9-9
specifications
B-17
9-13
ASA 5585-X SSP-10 with IPS SSP-10
E-73
memory usage values (table) Normalizer engine
E-72
password recovery
E-9
resetting the password session command
E-11
A-6
setup command
8-7
8-4
verifying status
9-4
session command
A-4
memory usage
E-79
resetting the password
A-4
9-8
Normalizer engine
requirements
E-58
D-23
9-2, 9-3
logging in
8-4
E-59
removing module
logging in
9-9
memory requirements
Normalizer engine
initializing
B-21
introducing
A-4
8-2
resetting
9-6
installing system image
memory specifications models
initializing
8-5
B-13
logging in
9-7
illustration
indicators (illustration)
installing
9-2
described
8-2
initializing
described
9-2
front panel indicators
E-36
ASA 5500 AIP SSM described
7-19
ASA 5585-X IPS SSP adaptive security appliance
E-35
verifying status
E-42
F-1
A-5
E-73
described
9-2
memory requirements
9-8
ASA 5585-X SSP-20 with IPS SSP-20 E-9
described
9-3
memory requirements
9-8
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
IN-2
OL-24002-01
Index
ASA 5585-X SSP-40 with IPS SSP-40 described
9-3
memory requirements
installing
5-29
RJ-45 to DB-9
F-3
cannot access sensor
9-3
memory requirements
E-24
cidDump obtaining information
9-8
ASA IPS modules
circuit breaker warning
jumbo packet count
E-11, E-12
asymmetric traffic and disabling anomaly detection attack responses for TCP resets authenticated NTP
6-20
E-18
default password
A-2
default username
A-2
Cisco.com
1-2
accessing software
1-23, E-14
C-1
downloading software
B-2
automatic upgrade
software downloads
information required troubleshooting
C-1 C-1
Cisco ASA 5585-X
D-7
described
E-52
autonegotiation for hardware bypass auto-upgrade-option command
E-105
cisco
E-62, E-73, E-80
ASDM resetting passwords
automatic setup
5-32
cable pinouts
9-8
ASA 5585-X SSP-60 with IPS SSP-60 described
described
4-6, 5-7
installing ASA 5585-X IPS SSP models
D-7
9-2 9-13
9-2
removing ASA 5585-X IPS SSP
9-13
Cisco Security Intelligence Operations
B
described URL
backing up configuration
service contract
E-4
clear events command
4-8
IPS 4270-20
C-9
supported products
back panel features IPS 4260
C-8
Cisco Services for IPS
E-2
current configuration
C-8
C-9 1-24, E-16, E-105
clearing
5-10
IPS 4345
6-7
events
IPS 4360
6-8
statistics
IPS 4510
7-6
CLI password recovery
IPS 4520
7-6
command and control interface
basic setup
E-105 E-89
described
B-4
blocking not occurring for signature
E-41
Ethernet list
E-13
1-5 1-2
1-5
commands
C
auto-upgrade-option
cable management arm converting
5-33
clear events
D-7
1-24, E-16, E-105
copy backup-config
E-3
copy current-config
E-3
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1 OL-24002-01
IN-3
Index
copy license-key
debug module-boot downgrade
cryptographic account
C-12
Encryption Software Export Distribution Authorization from C-2
E-59
D-10
erase license-key
obtaining
C-15
hw-module module 1 reset setup
current configuration back up
E-58
hw-module module slot_number password-reset E-102
show health
E-81
E-89
show statistics virtual-sensor show tech-support show version
E-44 E-59
E-9
password
A-2
username
A-2 E-39
Diagnostic Panel accessing
E-2
alternate TCP reset interface inline interface pairs inline VLAN pairs
1-13
illustration indicators
1-13
5-14
5-14 5-14
disabling
1-13
1-12
physical interfaces
5-42
component list
configuration restrictions
1-12
anomaly detection
E-18
password recovery
E-13
disaster recovery
1-14
E-6
displaying
configuring automatic upgrades upgrades
3-10
device access issues
E-2
VLAN groups
installing (IPS 4240-DC)
defaults
E-86
configuration files
interfaces
3-10
debug-module-boot command
E-82
D-3, D-6
merging
6-22
described (IPS 4240-DC) debug logging enable
E-23, E-89
sw-module module slot_number password-reset
backing up
connecting (IPS 4360)
E-58, E-64, E-76
E-13
show statistics
upgrade
D DC power supply
show module 1 details show settings
E-2
E-11
B-1, B-4, B-8, B-13, B-17, B-21
show events
C-2
events
D-8
E-103
health status
D-4
connecting SFP/SFP+ modules
9-12
converting cable management arm
5-33
E-81
password recovery setting statistics
E-89
copy backup-config command
E-3
tech support information
copy current-config command
E-3
version
copy license-key command correcting time on the sensor creating the service account
C-12 1-24, E-16 E-5
E-13
E-82
E-86
downgrade command
D-10
downgrading sensors
D-10
downloading Cisco software duplicate IP addresses
C-1
E-26
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
IN-4
OL-24002-01
Index
false positives
E
filtering electrical safety guidelines enabling debug logging
2-3
tuning IPS
E-44
described
C-2
fans (IPS 4270-20)
errors (Analysis Engine)
E-51
types
9-6
4-7
IPS 4345
6-6
IPS 4360
6-6
5-9
front panel switches
E-103
IPS 4260
E-102
4-7
IPS 4270-20
Event Store
5-9
FTP servers and software updates
clearing
D-2
E-105
clearing events no alerts
1-24, E-16
G
E-31
time stamp
1-24, E-16
global correlation
examples ASA failover configuration
license E-60, E-64, E-75
SPAN configuration for IPv6 support System Configuration Dialog
4-17
GRUB menu password recovery electrical safety 5-5
power supplies
2-3 2-6
4-21
slots (IPS 4270-20)
5-43
external product interfaces E-20 E-21
H hardware bypass autonegotiation
4-6, 5-7
configuration restrictions
F fail-over testing
E-8
guidelines 4-4
interface naming conventions (IPS 4270-20)
troubleshooting
E-18
grounding lugs (IPS 4260)
B-2
interface naming conventions (IPS 4260) slots (IPS 4260)
B-5
troubleshooting
1-16
expansion cards
issues
7-3
IPS 4270-20 5-11
E-105
displaying
IPS 4520
IPS 4260
events clearing
7-3
ASA 5585-X IPS SSP
4-8
IPS 4270-20
IPS 4510
front panel indicators 2-4
Ethernet port indicators IPS 4260
C-1
front panel features
C-15
ESD environment working in
5-50
5-50
files Cisco IPS (list)
C-2
erase license-key command
1-3
fan indicators (IPS 4270-20)
Encryption Software Export Distribution Authorization form cryptographic account
1-4
fail-over
4-5, 5-6
IPS 4260
4-5
4-5, 5-6
4-5, 5-6
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1 OL-24002-01
IN-5
Index
IPS 4270-20
described
5-6
link status changes and drops proper configuration
health status display
4-5, 5-6
4-5, 5-6
E-81
HTTP/HTTPS servers supported
1-17 1-17
installation preparation
2-1
installer major version
C-5
installer minor version
C-5
installing
D-2
hw-module module 1 reset command
illustration
supported sensors
4-6, 5-7, E-22
supported configurations with software bypass
4-6, 5-7, E-22
1-17
E-58
hw-module module slot_number password-reset command E-11
ASA 5500 AIP SSM cable management arm
IDM Analysis Engine is busy described
E-55
web browsers will not load
7-2, 9-2 E-54
IME 10 devices described
IPS 4240
3-8
IPS 4255
3-8
IPS 4260
4-17
IPS 4270-20
7-2, 9-2
7-3, 9-2
6-12
IPS 4360
6-12
IPS 4510
7-11
IPS 4520
7-11
initializing
E-57
5-50
C-12
sensor license
time synchronization problems
6-25
5-36
IPS 4345
license key
7-3, 9-2
5-29
DC power supply (IPS 4360) fans (IPS 4270-20)
I
8-5
C-10
SFP/SFP+ modules
9-12
system image
appliances
B-8
ASA 5500 AIP SSM
B-13
ASA 5500-X IPS SSP
D-22
ASA 5585-X IPS SSP
D-23
ASA 5500-X IPS SSP
B-17
IPS 4270-20
ASA 5585-X IPS SSP
B-21
D-14
IPS 4345
D-16
B-1, B-4
IPS 4360
D-16
user roles
B-1
IPS 4510
D-19
verifying
B-25
IPS 4520
D-19
sensors
inline interface pair mode configuration restrictions described illustration
interface cards 1-13
1-16 1-17
inline mode
IPS 4260 installing
4-21
removing
4-21
IPS 4270-20
interface cards
1-6
pairing interfaces
1-6
inline VLAN pair mode configuration restrictions
installing
5-43
removing
5-43
interfaces 1-13
alternate TCP reset
1-5
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
IN-6
OL-24002-01
Index
command and control
configuration restrictions described
illustration
1-12
installation
1-4
TCP reset
3-8
rack mounting
1-4
support (table)
3-3
installing DC power supply
1-5, 1-6
slot numbers
3-3
indicators
1-4
port numbers sensing
front panel
1-5
3-6
specifications
1-6
3-4
IPS 4240-DC
1-11
internal health information in the Diagnostic Panel introducing ASA 5500 AIP SSM
5-42
described
3-10
installing
3-11
IPS 4255
8-2
ASA 5585-X IPS SSP
back panel (illustration)
9-2
IPS 4240
3-2
back panel indicators
IPS 4255
3-2
described
IPS 4260
4-2
features
IPS 4270-20
3-3
6-2
illustration
IPS 4360
6-2
indicators
IPS 4510
7-2
installing
IPS 4520
7-2
rack mounting
Intrusion Prevention System Manager Express. See IME. 9-2 Intrusion Prevention System Manager Express. See IME. 7-3 IPS 1-22
tuning
3-4
IPS 4260 4GE bypass interface card accessories kit
4-2
4-10
back panel features
4-8
chassis cover removing
4-20
replacing
4-20
4-1, 4-2
expansion card slots
1-19
features
4-8
4-21
4-7
front panel
IPS 4240 7200 series router
indicators
3-5
back panel (illustration) back panel indicators features
3-6
Ethernet port indicators
1-19
1-3
described
3-3
3-8
described
supported modules
3-3
specifications
1-21
Intrusion Prevention System Device Manager. See IDM. 7-2, 9-2
appliances
3-4
3-2
IPS 4345
restrictions
3-3
front panel
5-2
IPS appliances
3-10
3-1, 3-2 3-3
3-4
3-3
switches
4-7 4-7
grounding lugs
4-17
hardware bypass installing
4-5
4-17
interface cards
4-21
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1 OL-24002-01
IN-7
Index
power supply
front panel
4-23
interface naming conventions network ports
switches
4-2
password recovery performance
indicators
4-4
hardware bypass installation
4-9
rack mounting
fans
interface cards power supply sensing interfaces
4-21
interface cards
5-43
power supplies
5-45
installing system image
4-2
interface naming conventions maximum rack depth
supported interface cards
network ports
4-3, 4-4
IPS 4270-20
performance
5-3
back panel features chassis cover removing
5-40
rail system kit
replacing
5-40
described 5-33
5-1, 5-2
5-45
5-42
removing
described
5-14
described illustration
power supplies
5-45 5-3 5-20
5-15
switches and indicators (illustration)
5-43
T-15 Torx screwdriver
5-26 5-50
5-8
5-8
5-46
IPS 4345 back panel features
6-7
back panel features (illustration)
5-50
features
5-50
5-43
specifications
fan connector and indicator (illustration) fan indicators
interface cards
shallow rack installation
5-11
extending from a rack
D-14
sensing interfaces
5-11
expansion card slots
5-16
redundant power supplies
accessing
Ethernet port indicators
5-17
5-17
reimaging
5-14
5-11
minimum rack depth
Diagnostic Panel
illustration
E-8
5-3
rack requirements
converting cable management arm
5-17
power supply indicators
5-10
5-5
5-2
power supplies
5-16
D-14
5-3
password recovery
4GE bypass interface card
fans
5-18
4-23
4-9
accessories kit
5-29
5-50
in a rack
4-14
removing
described
5-45
5-36
cable management arm
4-11
specifications
5-6
installing
rack-mounting 2-post
5-8
hot-pluggable power supplies
4-2
power supply indicators 4-post
5-9
front view (illustration)
E-8
4-2
power supplies
5-9
described
6-7
6-2
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
IN-8
OL-24002-01
Index
front panel (llustration)
cable management brackets
6-5
front panel indicators described indicators
6-6
installation
packing box contents password recovery power supplies
OIR
6-17
7-18
7-18
7-18
front panel indicators
D-16
described
6-2
7-4
illustration
7-4
front panel view
6-18
removing
6-18
back panel features
7-3
installing core IPS SSP
7-14
SFP/SFP+ modules
6-8
back panel features (illustration) connecting DC power supplies
6-22
installing system image Management 0/0
front panel (illustration)
7-12
slide rail kit hardware
6-8
6-2
7-19
D-19
7-11
management port described
6-5
front panel indicators described
6-6
memory requirements
7-11
7-10
OIR
6-6
fan supply modules
6-12
installing DC power supplies installing system image packing box contents password recovery power supplies
6-25
SFP/SFP+
6-4
7-2
password recovery
power supply indicator
described
E-8
7-7
illustration
D-16 6-25
6-2
IPS 4510
7-6
power supply modules installing
7-16
removing
7-16
requirements
7-6
back panel features (illustration)
7-9
power module indicators
6-16
6-17
removing DC power supplies
7-2
7-2
packing box contents
E-8
6-15
back panel features
not supported
7-2
power supply modules
D-16
power supplies(illustration)
specifications
7-7
7-18
removing
6-10
installing
reimaging
7-2
installing
6-16
AC power supply
installation
7-11
hot-pluggable
IPS 4360
indicators
7-32
fan modules
E-8
power supply indicator
described
installing
Ethernet port indicators
6-4
power supplies (illustration)
specifications
7-32
described
D-16
6-15
rack mounting
described
connecting cables
6-12
installing system image
reimaging
6-6
7-6
rack mounting reimaging
7-10
7-29
D-19
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1 OL-24002-01
IN-9
Index
removing core IPS SSP SFP ports
packing box contents
7-14
password recovery
7-12
shutting down
described
7-19
7-7
illustration
7-8
supported SFP+ modules supported SFP modules SwitchApp
7-6
power supply modules
7-11, 9-9 7-11, 9-9
7-34
IPS 4520
installing
7-16
removing
7-16
requirements
back panel features
rack mounting
7-6
back panel features (illustration) cable management brackets
7-6
reimaging SFP ports
installing
7-32
shutting down
SwitchApp
7-18
7-11, 9-9 7-11, 9-9
7-34
two power supply modules
7-18
7-19
7-8
supported SFP modules
hot-pluggable
7-16, 7-18
IPS software
7-18
removing
7-14
supported SFP+ modules
7-7
fan modules
OIR
7-12
specifications
Ethernet port indicators
7-14
slide rail kit hardware installation
7-11
7-2
installing
7-29
removing core IPS SSP
7-32
described
7-10
D-19
described
connecting cables
E-8
power module indicators
7-14
slide rail kit hardware installation specifications
7-9
available files
7-18
front panel indicators described
obtaining
7-3
installing core IPS SSP
7-14
SFP/SFP+ modules
7-12
slide rail kit hardware installing system image Management 0/0
C-6
IPS software file names
7-4
front panel view
C-1
platform-dependent release examples
7-4
illustration
C-1
7-19
D-19
7-11
management port described memory requirements
7-11
major updates (illustration)
C-4
minor updates (illustration)
C-4
patch releases (illustration)
C-4
service packs (illustration)
C-4
IPS SSP-10 front panel features (illustration)
9-4
IPS SSP-20 front panel features (illustration)
9-4
IPS SSP-40 front panel features (illustration)
9-5
IPS SSP-60 front panel features (illustration)
9-5
IPS SSP in the ASA 5585-X
7-10
OIR
9-2
IPv6 fan supply modules not supported
switches
7-2
power supply modules SFP/SFP+
SPAN ports
7-2
1-15
1-15
7-2
7-2
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
IN-10
OL-24002-01
Index
modes
L
IDS license key
1-1
inline interface pair
installing
C-12
inline VLAN pair
obtaining
C-9
IPS
trial
C-9 C-15
1-15
VLAN groups
viewing status of
C-9
1-17
1-1
promiscuous
uninstalling
1-16
1-18
modules
licensing
ASA 5500 AIP SSM
described
C-9
ASA 5585-X IPS SSP
IPS device serial number
described
N
C-10 C-9
NTP
logging in
authenticated
appliances
A-2
described
ASA 5500 AIP SSM
A-4
1-23, E-14
1-23, E-15
incorrect configuration
ASA 5500-X IPS SSP
A-5
time synchronization
ASA 5585-X IPS SSP
A-6
unauthenticated
sensors SSH
1-24, E-15 1-23, E-15
1-23, E-14
verifying configuration
1-24
A-7
Telnet
A-7
service role
O
A-1
terminal servers user role
9-2
C-9
Licensing pane configuring
8-2
1-22, A-3, D-13
obtaining
A-1
cryptographic account
loose connections on sensors
5-52, 7-33, E-22
IPS software license key
C-1 C-9
sensor license
M
C-2
C-10
OIR major updates described
C-3
not supported for modules
Management 0/0 port described
7-11
supported
Management 0/1 described
7-11
fan modules
manual block to bogus host
E-41
power supply modules
master blocking sensor not set up properly
SFP/SFP+ E-42
verifying configuration merging configuration files MIBs supported
7-2
7-2 7-2
7-2
online insertion and removal. See OIR.
9-2
E-42 E-2
E-17
minor updates described
C-3 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
OL-24002-01
IN-11
Index
IPS 4270-20
P
hot-pluggable password recovery
installing
5-45
appliances
redundant
5-45
removing
5-45
E-8
ASA 5500-X IPS SSP
E-9
ASA 5585-X IPS SSP
E-11
CLI
power supply guidelines
E-13
2-6
power supply indicator
described
E-7
disabling
E-13
displaying setting GRUB menu IPS 4260
5-45
E-13
6-17
IPS 4360
6-17
power supply indicators
E-8
IPS 4260
E-8
IPS 4270-20
IPS 4345
4-9
IPS 4270-20 E-8
5-11
IPS 4510
7-6
IPS 4520
7-6
IPS 4345
E-8
IPS 4360
E-8
power supply modules
IPS 4510
E-8
hot-pluggable
IPS 4520
E-8
installing (IPS 4510)
7-16
platforms
E-7
installing (IPS 4520)
7-16
ROMMON
E-8
troubleshooting verifying
OIR E-14
7-16
redundant configuration
E-13
patch releases described
7-16
C-3
performance (IPS 4270-20)
5-2
physical connectivity issues
E-29
physical interfaces configuration restrictions
removing (IPS 4510)
7-16
removing (IPS 4520)
7-16
preparing for appliance installation atomic attacks described
1-15
1-15
Management 0/0
7-11
illustration
Management 0/1
7-11
packet flow
1-15
SPAN ports
1-15
7-12
SFP/SFP+
9-12
1-15
TCP reset interfaces
power supplies
VACL capture
described (IPS 4345)
6-16
describes (IPS 4360)
6-16
illustration (IPS 4345)
6-16
illustration (IPS 4560)
6-16
IPS 4260 4-23
removing
4-23
1-11
1-15
R rack mounting IPX 4345
installing
2-1
promiscuous mode 1-12
ports
SFP
7-16
6-10
rack-mounting IPS 4260 2-post
4-14
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
IN-12
OL-24002-01
Index
4-post
ASA 5585-X IPS SSP
4-11
IPS 4270-20
chassis cover (IPS 4260)
extension
5-40
DC power supply (IPS 4360)
5-18
requirements
4-20
chassis cover (IPS 4270-20)
5-26
installation
6-25
last applied
5-17
IPS 4510
7-29
service pack
IPS 4520
7-29
signature update
racks
D-10 D-10
replacing
airflow requirements space requirements
chassis cover
5-17
IPS 4260
5-17
rail system
4-20
IPS 4270-20
maximum rack depth
5-17
minimum rack depth
5-17
rack hole-types (illustration) round holes
ASA 5500 AIP SSM
8-4
ASA 5585-X IPS SSP
5-16
9-4
racks airflow
5-16
threaded holes
5-40
requirements
5-16
square holes
space
5-16
rail system kit
5-17 5-17
reset not occurring for a signature
cable management arm contents
9-13
resetting
5-29, 5-32
ASA 5500 AIP SSM
5-17
IPS 4270-20
E-50
E-58
passwords
5-16
required tools
5-17
ASDM
recover command
D-11
hw-module command
E-11
sw-module command
E-9
recovering ASA 5500 AIP SSM recovery partition upgrade
resetting the password
E-59
recovering the application partition image D-6
reimaging
E-11, E-12
D-11
ASA 5500-X IPS SSP
E-9
ASA 5585-X IPS SSP
E-11
restoring the current configuration
ASA 5500-X IPS SSP
D-22
RJ-45 to DB-9 cable pinouts
ASA 5585-X IPS SSP
D-23
ROMMON
described
ASA 5585-X IPS SSP
D-2
IPS 4270-20
described
D-14
D-16
IPS 4270-20
IPS 4360
D-16
IPS 4345
D-16, E-8
IPS 4510
D-19
IPS 4360
D-16, E-8
IPS 4520
D-19
IPS 4510
D-19, E-8
D-2, D-11
IPS 4520
D-19, E-8
removing ASA 5500 AIP SSM
D-25
D-14
password recovery 8-7
F-3
D-12
IPS 4345
sensors
E-4
remote sensors
E-8
D-12
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1 OL-24002-01
IN-13
Index
serial console port TFTP
interface support
D-12
IP address conflicts
D-13
round-trip time. See RTT.
IPS mode
RTT
IPS tuning tips
described
1-6
1-1 1-3
logging in
D-13
TFTP limitation
E-26
SSH
D-13
A-7
Telnet
A-7
loose connections
S
5-52, 7-33, E-22
misconfigured access lists
scheduling automatic upgrades
models
D-8
information on Cisco Security Intelligence Operations C-8 sensing interfaces described
no alerts
1-6
E-31, E-56
not seeing packets
1-6
1-6
1-23, E-15
E-29
power supply guidelines
2-6
preventive maintenance
E-2
reimaging
sensor license
D-2
sensing process not running
installing
C-10
setup command
obtaining
C-10
site guidelines
sensors access problems
E-24
application partition image ASA 5500 AIP SSM
D-11
capturing traffic
command and control interfaces (list)
1-5
1-1
Comprehensive Deployment Solutions (illustration) 1-1 corrupted SensorApp configuration disaster recovery downgrading
E-34
TCP reset
1-2 1-23, E-14
upgrading
E-53
D-4
service account accessing
E-5
cautions
E-5
creating
E-5
described
E-5
service packs described
C-3
A-1
session command
D-10
ASA 5500 AIP SSM
2-3
1-1
incorrect NTP configuration B-1, B-4
1-19
service role
E-6
electrical guidelines
B-1, B-4, B-8
troubleshooting software upgrades
1-1
comprehensive deployment
E-28
2-5
supported
time sources
8-2
asymmetric traffic and disabling anomaly detection E-18
initializing
E-32
physical connectivity
1-6
interface cards
IDS mode
1-3
NTP time synchronization
Analysis Engine
modes
1-19
network topology
security
E-26
1-24, E-15
A-4
ASA 5500-X IPS SSP
A-5
ASA 5585-X IPS SSP
A-6
sessioning in ASA 5500 AIP SSM
A-4
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
IN-14
OL-24002-01
Index
ASA 5500-X IPS SSP
A-5
signature engine updates (illustration)
ASA 5585-X IPS SSP
A-6
system image (illustration)
setting up terminal servers
platform-dependent
C-6 C-7
automatic
B-2
platform identifiers
command
B-1, B-4, B-8, B-13, B-17, B-21
platform-independent supported FTP servers
9-4
SFP/SFP+ port (illustration)
9-12
SFP modules
appliances
1-21
port issues
E-29
specifications ASA 5500 AIP SSM
7-10, 9-4, 9-9
supported (table)
7-11, 9-9
SFP port (illustration)
7-12
shallow rack installation (IPS 4270-20)
5-20
IPS 4240
3-4
IPS 4255
3-4
IPS 4260
4-9
show events command
E-102
IPS 4270-20
show health command
E-81
IPS 4345
6-2
IPS 4360
6-2
IPS 4510
7-8
IPS 4520
7-8
show interfaces command
E-100
show module 1 details command show settings command
E-58, E-64, E-76
E-13
show statistics command
show tech-support command show version command
E-23, E-89
components described
E-82
9-2 9-2
components
C-5
signatures
described
9-3 9-3
SSP-40
E-50
components
C-4
site guidelines for sensor installation SNMP supported MIBs
5-15
SSP-20
E-86
signature engine update files described
update files
8-4
SSP-10
E-88, E-89
show statistics virtual-sensor command
TCP reset
D-2
SPAN
7-11, 9-9
SFP+ modules described
described
D-2
supported HTTP/HTTPS servers
7-10, 9-9
supported (table)
C-6
software updates
B-2
SFP+ modules described
C-5
software release examples
1-22, A-3, D-13
setup
simplified mode
C-5
described
2-5
components
software bypass supported configurations
described
4-5, 5-6
SSP in slot 2
4-5, 5-6
software downloads Cisco.com
9-3 9-3
9-9
statistic display
C-1
software file names recovery (illustration)
9-3
SSP-60
E-17
with hardware bypass
9-3
E-89
subinterface 0 described supported
C-5
signature/virus updates (illustration)
1-18
C-4
FTP servers
D-2
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1 OL-24002-01
IN-15
Index
HTTP/HTTPS servers SwitchApp described
TFTP servers
D-2
recommended
7-34
UNIX
Switched Port Analyzer see SPAN switches and TCP reset interfaces
Windows
1-12
sw-module module slot_number password-reset command E-9 System Configuration Dialog described example
D-13
RTT
D-13
D-13
time correction on the sensor
B-2
sensors
B-2
1-24, E-16
1-23, E-14
time sources
system images
appliances
installing ASA 5500-X IPS SSP
D-22
ASA 5585-X IPS SSP
D-23
IPS 4270-20
D-14
IPS 4345
D-16
IPS 4360
D-16
IPS 4510
D-19
IPS 4520
D-19
1-23, E-15
ASA 5500-X IPS SSP
1-23, E-15
ASA 5585-X IPS SSP
1-23, E-15
trial license key
C-9
troubleshooting
E-1
Analysis Engine busy
E-55
applying software updates
E-52
ARC blocking not occurring for signature device access issues
T T-15 Torx screwdriver (IPS 4270-20) TAC
E-41
inactive state
E-37
E-39
misconfigured master blocking sensor verifying device interfaces
service account
E-5 E-82
TCP reset interfaces conditions
1-12
described
E-58
debugging
E-59
recovering
1-11
switches
commands
failover scenarios
1-11
reset
promiscuous mode
1-11
E-60
E-59
E-58
commands
TCP resets
E-64
failover scenarios E-50
signature actions
testing fail-over
commands E-82
1-22, A-3, D-13
4-5, 5-6
E-63
ASA 5585-X IPS SSP
1-2
tech support information display terminal server setup
E-40
ASA 5500-X IPS SSP
1-12
not occurring
E-42
ASA 5500 AIP SSM
show tech-support command
list
5-46
enabling SSH
E-41
E-76
failover scenarios
E-74
traffic flow stopped automatic updates
E-52
cannot access sensor cidDump
E-76
E-24
E-105
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
IN-16
OL-24002-01
Index
cidLog messages to syslog communication
upgrading
E-49
verifying Analysis Engine is running
E-23
corrupted SensorApp configuration debug logger zone names (table) debug logging
Diagnostic Panel (IPS 4270-20)
enabling debug logging gathering information global correlation
5-42
E-26
IPS
1-3
tips
1-3
U
E-21
unassigned VLAN groups described
E-80
unauthenticated NTP
E-18
upgrade command
cannot access sensor will not load
E-55
E-57
application partition
1-23, E-15
manual block to bogus host misconfigured access list
latest version
E-41 E-26
sensors
D-11
D-6
D-4
upgrading IPS software (upgrade notes and caveats)
E-50
URLs for Cisco Security Intelligence Operations
password recovery
E-14
preventive maintenance
E-29
debug logging
E-2
C-8
sensing process not running
E-44
TCP reset interfaces
reset not occurring for a signature
1-12
E-50
E-28
V
E-102
sensor loose connections
5-52, 7-33, E-22
sensor not seeing packets
E-32
sensor software upgrade
E-53
E-5
show events command
E-101
show interfaces command show statistics command show version command E-51
verifying ASA 5585-X IPS SSP installation NTP configuration
1-24
password recovery
E-13
sensor initialization
E-100 E-88
show tech-support command
SPAN
D-1
using
physical connectivity issues
software upgrades
D-1
E-51
recovery partition
E-31, E-56
port issue
D-3, D-6
upgrading
IME time synchronization
service account
C-15
upgrade notes and caveatsu(pgrading IPS software)
E-54
IPS clock time drift
1-18
1-23, E-14
uninstalling the license key
IDM
sensor events
E-36
tuning
E-48
E-44
external product interfaces
no alerts
E-19
E-6
duplicate sensor IP addresses
NTP
verifying ARC status
E-34
E-44
disaster recovery
E-51
sensor setup version display
E-82, E-83
E-85, E-86
9-13
B-25
B-25 E-86
viewing license key status
C-9
virtualization advantages
E-16
E-29 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
OL-24002-01
IN-17
Index
restrictions
E-17
supported sensors
E-17
traffic capture requirements
E-17
VLAN groups 802.1q encapsulation
1-18
configuration restrictions deploying
1-18
described
1-18
switches
1-14
1-18
W warning circuit breaker
6-20
exposed DC wire
6-22
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
IN-18
OL-24002-01
