Cisco ASA 5505 Configuration Manual page 1149

Chapter 54 Configuring the IPS Application on the AIP SSM and SSC
Assigning Virtual Sensors to a Security Context (AIP SSM Only)
If the adaptive security appliance is in multiple context mode, then you can assign one or more IPS
virtual sensors to each context. Then, when you configure the context to send traffic to the AIP SSM,
you can specify a sensor that is assigned to the context; you cannot specify a sensor that you did not
assign to the context. If you do not assign any sensors to a context, then the default sensor configured on
the AIP SSM is used. You can assign the same sensor to multiple contexts.
You do not need to be in multiple context mode to use virtual sensors; you can be in single mode and use
Note
different sensors for different traffic flows.
Prerequisites
For more information about configuring contexts, see the
page
Detailed Steps
In the ASDM Device List pane, double-click System under the active device IP address.
Step 1
Step 2 On the Context Management > Security Contexts pane, choose a context that you want to configure, and
click Edit.
The Edit Context dialog box appears. For more information about configuring contexts, see the
"Configuring a Security Context" section on page
In the IPS Sensor Allocation area, click Add.
Step 3
The IPS Sensor Selection dialog box appears.
Step 4 From the Sensor Name drop-down list, choose a sensor name from those configured on the AIP SSM.
Step 5 (Optional) To assign a mapped name to the sensor, enter a value in the Mapped Sensor Name field.
This sensor name can be used within the context instead of the actual sensor name. If you do not specify
a mapped name, the sensor name is used within the context. For security purposes, you might not want
the context administrator to know which sensors are being used by the context. Or you might want to
genericize the context configuration. For example, if you want all contexts to use sensors called
"sensor1" and "sensor2," then you can map the "highsec" and "lowsec" sensors to sensor1 and sensor2
in context A, but map the "medsec" and "lowsec" sensors to sensor1 and sensor2 in context B.
Click OK to return to the Edit Context dialog box.
Step 6
(Optional) To set one sensor as the default sensor for this context, from the Default Sensor drop-down
Step 7
list, choose a sensor name.
If you do not specify a sensor name when you configure IPS within the context configuration, the context
uses this default sensor. You can only configure one default sensor per context. If you do not specify a
sensor as the default, and the context configuration does not include a sensor name, then traffic uses the
default sensor on the AIP SSM.
Repeat this procedure for each security context.
Step 8
OL-20339-01
6-17.
"Configuring a Security Context" section on
6-17.
Cisco ASA 5500 Series Configuration Guide using ASDM
Configuring the AIP SSM/SSC
54-7