User's guide
Chapter 19 Intrusion Prevention System
IPS Rules
Cisco Router and Security Device Manager Version 2.2 User’s Guide
OL-4015-08
• Unnumbered—The router will use one of a pool of IP addresses supplied by
your service provider for your router, and for the devices on the LAN.
• Not Applicable—The interface type cannot be assigned an IP address.
Inbound IPS/Outbound IPS
• Enabled—IPS is enabled for this traffic direction.
• Disabled—IPS is disabled for this traffic direction.
VFR Status
Virtual Fragment Reassembly (VFR) status. Possible values:
• On—VFR is enabled.
• Off—VFR is disabled.
IPS cannot identify the contents of IP fragments, nor can it gather port
information from a fragment in order to match it with a signature. As a result,
fragments can pass through the network without being examined or without
dynamic access control list (ACL) creation.
VFR enables the Cisco IOS Firewall to create the appropriate dynamic ACLs,
thereby protecting the network from various fragmentation attacks.
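The limitation described above, shown as an added Python example (not part of the Cisco guide, and not how Cisco IOS implements VFR): a per-packet check finds ports only in the first fragment, while a reassembly buffer recovers them for the whole datagram. The addresses, ports, payload and all function and class names are constructed for illustration.

```python
import struct
from collections import defaultdict

def ipv4_fragment(ident, offset, more, payload, proto=6):
    """Build one IPv4 fragment (constructed test data, checksum left at 0)."""
    flags_off = (0x2000 if more else 0) | (offset // 8)
    src, dst = bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5])
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident,
                       flags_off, 64, proto, 0, src, dst) + payload

def parse(pkt):
    ihl = (pkt[0] & 0x0F) * 4
    total_len, ident, flags_off = struct.unpack("!HHH", pkt[2:8])
    return {"key": (pkt[12:16], pkt[16:20], ident, pkt[9]),
            "offset": (flags_off & 0x1FFF) * 8,
            "more": bool(flags_off & 0x2000),
            "payload": pkt[ihl:total_len]}

def ports_seen_per_packet(pkt):
    """Ports are in the layer-4 header, which only the offset-0 fragment carries."""
    p = parse(pkt)
    if p["offset"] != 0 or len(p["payload"]) < 4:
        return None
    return struct.unpack("!HH", p["payload"][:4])

class VirtualReassembler:
    """Simplified buffer: no overlap checks, timeouts or fragment limits."""
    def __init__(self):
        self.pending = defaultdict(dict)
    def add(self, pkt):
        """Return (ports, layer-4 bytes) once the datagram is complete, else None."""
        p = parse(pkt)
        frags = self.pending[p["key"]]
        frags[p["offset"]] = (p["payload"], p["more"])
        data, nxt = b"", 0
        while nxt in frags and frags[nxt][0]:
            payload, more = frags[nxt]
            data, nxt = data + payload, nxt + len(payload)
            if not more:
                del self.pending[p["key"]]
                return struct.unpack("!HH", data[:4]), data
        return None

def sample_fragments():
    """Constructed 48-byte TCP segment (ports 40000 -> 80) split into two fragments."""
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 0x50, 0x18, 8192, 0, 0)
    segment = tcp + b"GET /index.html HTTP/1.0\r\n\r\n"
    first, last = ipv4_fragment(7, 0, True, segment[:24]), ipv4_fragment(7, 24, False, segment[24:])
    return segment, first, last
```

Fragments are keyed by source, destination, IP identification and protocol, so the second fragment can arrive first and still be matched to its datagram.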
Description
A description of the connection, if one has been added.
IPS Filter Details
If no filter has been applied to traffic, this area contains no entries. If a filter is
applied, the name or number of the ACL is shown in parentheses.
Inbound/Outbound Filter Buttons
Click to view the entries of the filter applied to inbound or outbound traffic.
Field Descriptions
Action—Whether the traffic is permitted or denied