Cisco ESW-540-48 Administration Guide - Page 131
Configuring IPS, Intrusion Prevention System, Active Users,
UPC - 882658251351
View all Cisco ESW-540-48 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 131 highlights
Intrusion Prevention System Configuring IPS 5 Configuring IPS You configure IPS from the IPS Setup page. From this page you can enable IPS for the security zone you want to protect (LAN or DMZ), update the IPS signatures, and view the IPS status. STEP 1 Click IPS > IPS Setup, or from the Getting Started (Advanced) page, under Intrusion Prevention System, click Update Signatures. The IPS Configuration window opens. • IPS Enable: By default, IPS is disabled. To enable IPS for a particular zone, select either LAN or DMZ or both for the zone(s) that you want to protect. For example: Enabling IPS protection on the LAN zone enforces IPS on all incoming and outgoing LAN traffic. Click Apply to save your settings. • IPS Status: Displays the IPS Signatures status including the IPS license expiration date, the signature file version, and the date that the security device last checked for signature updates. - Click the View IPS Logs link to view the IPS log messages. To display messages generated by IPS, you must choose IPS as the facility. For more information see Active Users, page 213. • Automatic Signature Updates: IPS uses signature files to identify an attack in progress. You can configure the security appliance to automatically update the IPS signatures when they become available. - To enable the auto update option, check the Automatically Update Signatures box. Enter your Cisco.com User Name and Password to authenticate to the signature update server. These credentials are only required once. Click Apply to save your settings. NOTE The Cisco username and password details once applied are applicable to all other services on the router which use them. For example, the Cisco username and login used in Administration is automatically updated for IPS signature downloads. - Click Update Now to immediately update new signatures if they are available. This option is only active if the Automatically Update Signature box is checked. Cisco SA500 Series Security Appliances Administration Guide 131