Chapter 27
Cisco IOS IPS
Enable or Edit IPS on an Interface
Both, Inbound, and Outbound Buttons
Inbound Filter
Outbound Filter
... Button
Enable fragment checking for this interface
OL-4015-12
Use this window to choose the interfaces on which you want to enable intrusion
detection, and to specify the
Use these buttons to specify whether you are going to enable Cisco IOS IPS on
both inbound and outbound traffic, only inbound traffic, or only outbound traffic.
(Optional) Enter the name or number of the access rule that specifies the inbound
traffic to be examined. The ACL that you specify appears in the IPS Rules
Configuration window when the interface with which it is associated is chosen. If
you need to browse for the access rule or create a new one, click the ... button.
(Optional) Enter the name or number of the access rule that specifies the outbound
traffic to be examined. The ACL that you specify appears in the IPS Rules
Configuration window when the interface with which it is associated is chosen. If
you need to browse for the access rule or create a new one, click the ... button.
Use this button to specify a filter. Click to display a menu with the following
options:
Choose an existing rule. See
•
Create a new rule. See
•
None (clear rule association). Use this option to remove a filter from a traffic
•
direction to which it has been applied.
(Enabled by default). Check if you want the Cisco IOS firewall to check for IP
fragments on this interface. See
Cisco Router and Security Device Manager 2.5 User's Guide
IPS
filters for examining traffic.
Select a Rule
for more information.
Add or Edit a Rule
for more information.
VFR Status
for more information.
Edit IPS
27-13