AIP-SSM20

Answered Question
Jun 19th, 2010

Hi friends,

As i have been through the CLI guide for Advanced setup of AIP-SSM it says while setting up AIP-SSM for the first time it says to create a new virtual sensor and new signature,why we need to create when i m running my ASA in single mode and there are no multiple context configured in my ASA,

Is it necessary tocreate new virtual sensor and signatures???

Thanks

I have this problem too.
0 votes
Correct Answer by edadios about 6 years 5 months ago

I think you are reffering to the wizard as documented here :

http://www.cisco.com/en/US/customer/docs/security/ips/7.0/configuration/guide/idm/idm_startup_wizard.html#wp2109548

What you really needed to do on a new sensor is to enable an interface, and assign that interface to the existing default configured virtual sensor.

The document is talking about assigning a signature policy, but otherwise, you do not need to configure a new signature, as the default virtual sensor, will already have assigned to it, the default signature policies as pre configured.

Working on Cisco IPS sensor, it is best practice to be tuning the sensor according to your network security policy and requiremenrt.

Otherwise the IPS signature team from Cisco is constantly reviewing the signature sets they have preconfigured on every signature releases for relevance and security protection of networks.

Ensure you have  installed a valid license on the sensor and set for updating the sensor as new signatures are released.

Regards,

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
edadios Sat, 06/19/2010 - 16:43

I think you are reffering to the wizard as documented here :

http://www.cisco.com/en/US/customer/docs/security/ips/7.0/configuration/guide/idm/idm_startup_wizard.html#wp2109548

What you really needed to do on a new sensor is to enable an interface, and assign that interface to the existing default configured virtual sensor.

The document is talking about assigning a signature policy, but otherwise, you do not need to configure a new signature, as the default virtual sensor, will already have assigned to it, the default signature policies as pre configured.

Working on Cisco IPS sensor, it is best practice to be tuning the sensor according to your network security policy and requiremenrt.

Otherwise the IPS signature team from Cisco is constantly reviewing the signature sets they have preconfigured on every signature releases for relevance and security protection of networks.

Ensure you have  installed a valid license on the sensor and set for updating the sensor as new signatures are released.

Regards,

estelamathew Thu, 06/24/2010 - 14:09

thanks,edadios

the link u have provided me is broken, but the issue has been solved.

thanks again

Actions

This Discussion