Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : Intrusion Detection System : Configuring the Appliance Sensor

Configuring the Appliance Sensor

Nov 24,2008 by admin

small font medium font large font
image

Configuring the Appliance Sensor

Introduction

Once the Cisco Network IDS appliance sensor has been installed, the next step before deployment of the sensor is configuration. The installation of the sensor software (whether by Cisco before shipping to the customer or through the upgrade process) leaves the appliance with specific default settings that are unsuitable for production deployment. This chapter covers the configuration and use of Secure Shell (SSH) for remote access and management, the application of new configurations to the sensor, and how to configure logging on the sensor. Secure shell has been the method of choice for accessing the command line interface (CLI) of the appliance since early versions of the IDS software. This is because Secure Shell provides the administrator the capability of establishing a secure communication channel with the sensor.

This chapter covers the initial configuration of the sensor appliance through the console interface as well as how to configure the appliance sensor using the command line interface through Secure Shell, configuring for remote access to the sensor, applying the modified sensor configuration to the device, logging, and how to upgrade the IDS sensor software and signature pack. Up-to-date signature packs are critical to the value of the IDS within the overall framework of security in the network. Without up-to-date signature packs, the sensor will not be able to detect newer exploits and attacks.

Logging allows the development of a baseline for alarms that may be detected on the network. These alarms may well represent benign traffic that the IDS sensor misinterprets as possible attacks—termed "false alarms." Signature tuning can reduce the number of false alarms generated by the sensor, leaving only valid alarms that require investigation.


200 times read

Related news
» Cisco IDS Alarms and Signatures
by admin posted on Nov 24,2008
» Sensor Installation
by alperen posted on Mar 10,2010
» Configuring Signatures and Alarms
by admin posted on Nov 26,2008
» Updating Sensor Software (IDS 4.0) from the Command Line
by admin posted on Nov 24,2008
» Upgrading the Sensor
by admin posted on Nov 24,2008
Did you enjoy this article?
1 2 3 4 5
(total 0 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

admin

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.