Mainapp Responsibilities - Cisco 4215 - Intrusion Detection Sys Sensor Configuration Manual

MainApp

MainApp Responsibilities

MainApp has the following responsibilities:
•
•
•
•
•
•
•
•
MainApp responds to the show version command by displaying the following information:
•
•
•
•
•
•
•
MainApp also gathers the host statistics.
The following applications are now part of MainApp and are responsible for event storage, management,
actions, and communication: Event Store, NotificationApp, CtlTransSource, Network Access
Controller, and LogApp.
These applications contain the following new features:
•
•
•
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 5.0
A-6
Validate the Cisco-supported hardware platform
Report software version and PEP information
Start, stop, and report the version of the IPS components
Configure the host system settings
Manage the system clock
Manage the Event Store
Install and uninstall software upgrades
Shut down or reboot the operating system
Sensor build version
MainApp version
Version of each running application
Version and timestamp of each installed upgrade
Next downgrade version of each installed upgrade
Platform version (for example, IDS-4240, WS-SVC-IDSM2)
Version of sensor build on the other partition
SNMP support through NotificationApp
Support for SNMP is one of the most significant changes for the management interface of the
system. Through SNMP you can obtain standard health and welfare information about the system.
Signatures have a new action of SNMP notification that causes an SNMP trap to be sent when the
signatures fires.
SNMP version 2 is the only version of SNMP supported.
Event storage and retrieval
The oldest entries expire in Event Store when there is no more room for new entries. RDEP provides
different queries for retrieving just audit data vs. IPS alert data. All RDEP and RDEP2 SDEE queries
are supported. All events are stored in SDEE CIDEE format.
New "health" control transaction
A new health and welfare type of control transaction is defined in the IDCONF specification. This
control transaction reports the status and welfare of the system.
Appendix A System Architecture
78-16527-01