Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

IOS IPS - only 3 Signatures...

Hi,

I have a 2801 running Advanced IP Services version 12.4(24)T.

I have enabled the IOS_IPS feature but in looking at the IP IPS ALL command I see only 3 signatures enabled.

I was reading the docs and was going to download the 128.SDF sinature file to the router - but it is too large for my 64Meg of flash.

I expected to see a SDF file somewhere in the flash - but I cannot find it.

What should I be doing at a minimum to get basic IPS running?

Why do all the Micro Engine Signatures show INACTIVE?

Any help would be appreciated.

1 REPLY

Re: IOS IPS - only 3 Signatures...

The base SDF signature file has a very limited signature base. You'll need to increase your flash if plan to put this into production. You probably have a directory in flash where the pkg files are stored. Here's a great guide that I used to get IPS working.

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/prod_white_paper0900aecd805c4ea8.html

Hope that helps.

192
Views
0
Helpful
1
Replies
CreatePlease to create content