Table of Contents
Advertisement
Edit IPS
Name
Size
Time Modified
Assign Actions
Cisco Router and Security Device Manager 2.5 User's Guide
27-50
Click Name to order the files and directories alphabetically based on name.
Clicking Name again will reverse the order.
Click Size to order the files and directories by size. Directories always have a size
of zero bytes, even if they are not empty. Clicking Size again will reverse the
order.
Click Time Modified to order the files and directories based on modification date
and time. Clicking Time Modified again will reverse the order.
This window contains the actions that can be taken upon a signature match.
Available actions depend on the signature, but the most common actions are listed
below:
alarm—Generate an alarm message. Same as produce-verbose-alert.
•
deny-attacker-inline—Create an ACL that denies all traffic from the IP
•
address considered to be the source of the attack by the Cisco IOS IPS system.
Same as denyAttackerInline.
deny-connection-inline—Drop the packet and all future packets on this TCP
•
flow. Same as produce-alert and denyFlowInline.
deny-packet-inline—Do not transmit this packet (inline only). Same as
•
drop.
denyAttackerInline—Create an ACL that denies all traffic from the IP
•
address considered to be the source of the attack by the Cisco IOS IPS system.
Same as deny-attacker-inline.
denyFlowInline—Create an ACL that denies all traffic from the IP address
•
that is considered the source of the attack belonging to the 5-tuple (src ip, src
port, dst ip, dst port and l4 protocol). denyFlowInline is more granular than
denyAttackerInline. Same as produce-alert and deny-connection-inline.
drop—Drop the offending packet. Same as deny-packet-inline.
•
Chapter 27
Cisco IOS IPS
OL-4015-12
Advertisement
Table of Contents
Troubleshooting
