Posts from ‘IPS’

Nov
24

For Part 2 of this series, click here.

The following questions will be added to the Core Knowledge Simulation engine.   Answers will be provided in the comments section.

Implement Identity Management

Refer to the diagram.   The software running on the PC performs what role? Continue Reading

Tags: , , , , ,

Sep
02

Beginning in October 2009, students will be required to demonstrate mastery of the Cisco IOS Intrusion Prevention System (IPS) for the CCIE R/S track. This blog post introduces candidates to this relatively new security feature. Note this series of blog posts will focus on Tier 1 knowledge. This information allows mastery for the Core Knowledge section and builds a foundation for later mastery at the Command Line Interface.

Intrusion Prevention replaces mere Intrusion Detection from previous IOS versions. IDS for the IOS was certainly nice (you get alerted when a security attack is occurring), but obviously, stopping an attack is much more powerful.

Continue Reading

Tags: , , ,

Jan
12

I.    Device Manager

a.    Intro

i.    IDM lives on the sensor and gives you a GUI option for managing the device
ii.    TLS/SSL

1.    used to secure communications

Continue Reading

Tags: , , ,

Jan
11

I. IPS CLI

a. Overview

i. Accessing

1. SSH

2. Serial interface (console)

3. Telnet (disabled by default)

Continue Reading

Tags: , , , ,

Jan
05

Here is a portion of some notes that I came across for IPS – instead of wasting away on my hard drive, I figured I would post in case some of you might enjoy. I will post more sections if I receive no hate mail :-)

I. IPS Overview

a. Detection versus Protection

i. Detect can do just that – detect

ii. Prevention systems can detect and prevent – risks include latency, false positives, and the risk of the device being overrun

Continue Reading

Tags: ,

Sep
30

This is obviously a very short list. Remember, we recommend use of the Cisco Intrusion Prevention System Device Manager (IDM) for management and configuration of the device during the lab exam. While this graphical user interface (GUI) will be used for most tasks, there are still some useful and quick command line verification tasks for you here.

IPS CLI 5.1

Initial Setup

more current-config
more current-config | include COMMAND
ping
show interfaces
show version
trace

Operation

show events
show os-identification
show settings
show settings terse | begin COMMAND
show statistics
show statistics SERVICE_NAME

Tags: , , , ,

Categories

CCIE Bloggers