Table of Contents
Advertisement
Import Signatures
Autosave
Cisco Intrusion Prevention Alert Center
IPS-Supplied Signature Definition Files
Note
Cisco Router and Security Device Manager Version 2.2 User's Guide
19-50
Check this option if you want the router to automatically save the SDF in the event
of a router crash. This eliminates the need for you to reconfigure IPS with this
SDF when the router comes back up.
The Cisco Intrusion Prevention Alert center provides information on emerging
threats and links to the Cisco IPS signatures available to protect your network
from them. The Cisco Intrusion Prevention Alert Center is available at this link:
http://www.cisco.com/pcgi-bin/front.x/ipsalerts/ipsalertsHome.pl
To ensure that the router has available as many signatures as its memory can
accommodate, IPS is shipped with one of the following SDFs:
256MB.sdf—If the amount of RAM available is greater than 256 MB.
•
256MB.sdf contains 500 signatures.
128MB.sdf—If the amount of RAM available is between 128 MB and 256
•
MB. 128MB.sdf contains 300 signatures.
attack-drop.sdf—If the amount of available RAM is 127 MB or less.
•
attack-drop.sdf contains 82 signatures.
The router must be running a Cisco IOS image of release 12.3(14)T or later to be
able to use all the available signature engines in 256MB.sdf and 128MB.sdf. If the
router runs a Cisco IOS image of an earlier release, not all signature engines will
be available.
To use an SDF in router memory, determine which SDF has been installed, and
then configure IPS to use it. The procedures that follow show you how to do this.
Chapter 19
Intrusion Prevention System
OL-4015-08
Advertisement
Table of Contents
Troubleshooting
