Seems like I'm trying to learn another language reading the IPS command line interface guide! (Im a traditional routing/switching person)
Does anyone know if there are any useful configuration examples for the AIP-SSM10 ?
I don't believe what I'm doing is rocket science, I just need to monitor two front end web servers and a back end SQL box for weird activity.
I have two asa5520's configured in a failover pair each contains an AIP-SSM10.
I have uploaded the latest signatures to the AIP, but just need to configure them. I haven't turned on the policy to route the traffic to the AIPs from the ASA yet as want to tune the configs on the AIPs first.
Tuning the IPS signatures is going to be customized for every network, depending on what exactly you're looking for. The signatures are grouped into various categories and you can selectively enable/disable these categories, or just accept the default signatures. There's not a lot of configuration that needs to be done on the signatures. You just need to make sure to tune out your false positives by watching your events as they come in and seeing what events are actual attacks and which could be deemed permissible.
So to answer your question, there isn't really a config example for the IPS component. The quickest way to get up and running is to connect to the network port on the front of the module and load the SDM (HTTPS interface) of the IPS and review your signature settings there.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :