Correcting The Time On The Sensor; Installation Preparation - Cisco IPS-4240-K9 - Intrusion Protection Sys 4240 Installation Manual

Intrusion prevention system appliances and modules 5.0

Hide thumbs Also See for IPS-4240-K9 - Intrusion Protection Sys 4240:

Installation instructions manual (14 pages)

Getting started manual (12 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

page of 196

/ 196
Contents
Table of Contents
Bookmarks

Table of Contents

Installation Preparation

Correcting the Time on the Sensor

If you set the time incorrectly, your stored events will have the incorrect time because they are stamped

with the time the event was created.

The Event Store time stamp is always based on UTC time. If during the original sensor setup, you set

the time incorrectly by specifying 8:00 p.m. rather than 8:00 a.m., when you do correct the error, the

corrected time will be set backwards. New events might have times older than old events.

For example, if during the initial setup, you configure the sensor as central time with daylight saving

time enabled and the local time is 8:04 p.m., the time is displayed as 20:04:37 CDT and has an offset

from UTC of -5 hours (01:04:37 UTC, the next day). A week later at 9:00 a.m., you discover the error:

the clock shows 21:00:23 CDT. You then change the time to 9:00 a.m. and now the clock shows 09:01:33

CDT. Because the offset from UTC has not changed, it requires that the UTC time now be 14:01:33 UTC,

which creates the time stamp problem.

To ensure the integrity of the time stamp on the event records, you must clear the event archive of the

older events by using the clear events command. For more information on the clear events command,

refer to

You cannot remove individual events.

Caution

Installation Preparation

To prepare for installing sensors, follow these steps:

Step 1

Review the safety precautions outlined in

Intrusion Prevention System 4200 Series Appliance

Step 2

To familiarize yourself with the IPS and related documentation and where to find it on Cisco.com, read

Documentation Roadmap for Cisco Intrusion Prevention System

Step 3

Obtain the

them before proceeding with the installation.

Step 4

Unpack the sensor.

Installing Cisco Intrusion Prevention System Appliances and Modules 5.0

1-16

Use NTP

–

You can configure AIP-SSM to get its time from an NTP time synchronization source, such as

a Cisco router other than the parent router. For the procedure, refer to

Router to be an NTP

Server. You will need the NTP server IP address, the NTP key ID, and the

NTP key value. You can configure AIP-SSM to use NTP during initialization or you can set up

NTP through the CLI, IDM, or ASDM.

Note

We recommend that you use an NTP time synchronization source.

Clearing Events from the Event

Release Notes for Cisco Intrusion Prevention System 5.0

Store.

Regulatory Compliance and Safety Information for the Cisco

Sensor.

5.0.

Chapter 1

Introducing the Sensor

Configuring a Cisco

from Cisco.com and completely read

78-16124-01

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

Ids-4210 Ids-4215 Ids-4235 Ids-4250 Idsm-2 Ips-4240 ... Show all

Correcting The Time On The Sensor; Installation Preparation - Cisco IPS-4240-K9 - Intrusion Protection Sys 4240 Installation Manual

Installation Preparation

Correcting the Time on the Sensor

Hide quick links:

Related Manuals for Cisco IPS-4240-K9 - Intrusion Protection Sys 4240

Related Content for Cisco IPS-4240-K9 - Intrusion Protection Sys 4240

This manual is also suitable for:

Table of Contents