Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01

CHAPTER 9
Configuring Anomaly Detection

This chapter describes anomaly detection (AD) and its features and how to configure them. This chapter
contains the following topics:
Anomaly Detection Notes and Caveats
Understanding Security Policies
Understanding Anomaly Detection
Understanding Worms
Anomaly Detection Modes
Anomaly Detection Zones
Anomaly Detection Configuration Sequence
Anomaly Detection Signatures
Enabling Anomaly Detection
Working With Anomaly Detection Policies
Configuring Anomaly Detection Operational Settings
Configuring the Internal Zone
Configuring the Illegal Zone
Configuring the External Zone
Configuring Learning Accept Mode
Working With KB Files
Displaying Anomaly Detection Statistics
Disabling Anomaly Detection