Import Signatures - Cisco OL-4015-08 User Manual

Import Signatures

Outbound Filter
...Button
Enable fragment checking for this interface
Enable fragment checking on other interfaces
Import Signatures
Cisco Router and Security Device Manager Version 2.2 User's Guide
19-38
(Optional) Enter the name or number of the access rule that specifies the outbound
traffic to be examined. The ACL that you specify appears in the IPS Rules
Configuration window when the interface with which it is associated is selected.
If you need to browse for the access rule or create a new one, click the ... button.
Use this button to specify a filter. Clicking this button displays a menu with the
following option:
Select an existing rule.
•
Create a new rule.
•
None (clear rule association). Use this option to remove a filter from a traffic
•
direction to which it has been applied.
(Enabled by default). Check if you want IOS firewall to check for IP fragments on
this interface. See VFR Status
If fragment checking is enabled for outbound traffic, the router must examine the
inbound traffic that arrives on the interfaces that send outbound traffic to the
interface being configured. Specify these interfaces below.
If the Inbound radio button is selected, this area does not appear.
IPS prevents intrusion by comparing traffic against the signatures of known
attacks. Cisco IOS images that support IPS have built-in signatures that IPS can
use, but you can also have IPS import signatures for the router to use when
examining traffic. Imported signatures are stored in a Signature Definition File
(SDF).
Click the Import Signatures tab to import a Signature Definition File (SDF).
Select a Rule has more information.
Add or Edit a Rule has more information.
for more information.
Chapter 19 Intrusion Prevention System
OL-4015-08