Header

Sections

Syndication

Blogroll:

||||| ALL Cisco-Network ARTICLES |||||
CCIE Journey,
The CCIE Journey,

Home : Intrusion Detection System : Configuring IP Fragment Reassembly

Email to a friend email

email

Print version print

print

Configuring IP Fragment Reassembly

Nov 25,2008 by admin

small font

medium font

large font

Configuring IP Fragment Reassembly

To configure IP fragment reassembly, follow these steps:

Select the Sensing tab on the sensor you want to configure.

Check the Reassemble Fragments check box (refer to Figure 7.22).

Figure 7.22: The Sensing Tab
Enter the settings for Maximum Partial Datagrams, Maximum Fragments Per Datagram, and Fragmented Datagram Timeout.
Once you have finished configuring the Sensing parameters, click OK, then save and update your configuration.

From the Command tab, click Approve Now to push the new configuration to your sensor.

Note

Cisco's recommended guidelines for determining the maximum partial datagrams and maximum fragments per datagram is as follows (it takes a little math here):

The partial datagrams multiplied by the fragments per datagram should be less than 2,000,000. This applies to all 4200 series sensors running versions 2.2.1.5 or 2.5(X).
The partial datagrams multiplied by the fragments per datagram should be less than 5000. This applies to the IDSMs running versions 2.5(X).

230 times read

Related news

» IP Fragment Reassembly
by admin posted on Nov 25,2008
» Sensing Properties
by admin posted on Nov 25,2008
» Configuring TCP Session Reassembly
by admin posted on Nov 25,2008
» Configuring the Sensing Parameters
by admin posted on Nov 25,2008
» Configuration Area
by alperen posted on Mar 04,2010

Did you enjoy this article?

(total 0 votes)

comment

Comments (0 posted)

More Top News

CCSP-Cisco Certified Security Professional

Cisco SAFE Implementation

Preparation Documents

Skills Required for the Exam

Cisco SAFE Implementation Questions and Answers

Access Control Lists Cisco

Access List Basics

Standard Access Lists

Extended Access Lists

TCP Access Lists

UDP Access Lists

ICMP Access Lists

Named Access Lists

Signature and Alarm Management Review

Signature and Alarm Management Review Questions and Answers

Managing Alarms

Event Viewer Customization

Preference Settings

Sensor Installation

Connecting to Your Network Sensor Appliance

Sensor Bootstrap

Sensor Installation and Configuration Review

Sensor Installation and Configuration Questions and Answers

Signature and Alarm Management

CIDS Signatures

Signature Series

Signature Implementations

Signature Classes

Signature Types

Signature Severity

Most Popular

Privilege Levels

Managing the Router's ARP Cache

Configuring SIP on a Cisco Router

IDS Signatures Grouped by Software Release Version

Most Commented

Exploring the Navigation Bar

Site Qualification Test (SQT)

PDAs as Diagnostic Tools

Featured Author

alperen