I have 10 new IPS devices, i have to do the coniguration on all the 10 devices, the configuration on all the 10 devices wil be same........Is there an easy way to configure multiple devices at the same time (is there any script that can do that) or is there any way to automate this task?
Re: configuring multiple IPS devices at the sametime
Another option is to configure one sensor the way you want, as with Bob's recommendation. Then copy the current configuration to a remote server (FTP, SCP, HTTP or HTTPS):
copy current-config ftp:
Follow the prompts to provide the necessary credentials. (This example is using a FTP server)
Next perform the minimal host configuration on each remaining sensor (IP address, access-list), and then copy the saved configuration to each sensor:
copy ftp: current-config
Again, provide the necessary credentials as prompted.
You will then be prompted as to whether to overwrite the host settings; choose not to do so. This should implement all other sensor options you had configured on the initial sensor.
Also, as Bob mentioned, this method is sufficient for initial configuration; long-term policy management can be challenging with these processes. If you will be looking to perform frequent and consistent signature tuning across all ten sensors you may wish to consider making use of Cisco Security Manager which allows you to create a shared signature policy. This allows you to make the changes to one IPS policy and deploy that policy to all ten sensors concurrently.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :