- Cisco Network Router User's Manual
B-24
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
OL-24002-01
Appendix B Initializing the Sensor
Verifying Initialization
event-action-rules rules0
anomaly-detection
anomaly-detection-name ad0
exit
physical-interfaces PortChannel0/0
exit
exit
service event-action-rules rules0
overrides deny-packet-inline
override-item-status Disabled
risk-rating-range 90-100
exit
exit
[0] Go to the command prompt without saving this config.
[1] Return back to the setup without saving this config.
[2] Save this configuration and exit setup.
Step 22
Enter
2
to save the configuration.
Enter your selection[2]: 2
Configuration Saved.
Step 23
Reboot the ASA 5585-X IPS SSP.
ips-ssp# reset
Warning: Executing this command will stop all applications and reboot the node.
Continue with reset? []:
Step 24
Enter
yes
to continue the reboot.
Step 25
After reboot, log in to the sensor, and display the self-signed X.509 certificate (needed by TLS).
ips-ssp# show tls fingerprint
MD5: C4:BC:F2:92:C2:E2:4D:EB:92:0F:E4:86:53:6A:C6:01
SHA1: 64:9B:AC:DE:21:62:0C:D3:57:2E:9B:E5:3D:04:8F:A7:FD:CD:6F:27
Step 26
Write down the certificate fingerprints. You need the fingerprints to check the authenticity of the
certificate when using HTTPS to connect to this ASA 5585-X IPS SSP with a web browser.
Step 27
Apply the most recent service pack and signature update. You are now ready to configure your
ASA 5585-X IPS SSP for intrusion prevention.
For More Information
For the procedure for using HTTPS to log in to the IDM, refer to Logging In to the IDM.
Verifying Initialization
Note
The CLI output is an example of what your configuration may look like. It will not match exactly due to
the optional setup choices, sensor model, and IPS 7.1 version you have installed.