We have a number of 881 routers with firewall and IPS services as part of the IOS.
I am looking for some easy-to-read docs to help us get started configuring the IPS services, identify traffic severities and threat levels, and understand how to drop specific traffic based on this as well as signatures.
Is it easier to do this with the CLI or the GUI?
Can we use the same docs and logistics for the IPS module on our ASAs?
The simplest way to go about this is via the CCP GUI. This will get you "in the ballpark" with some preconfigured firewall settings (low, medium, high). Once you get familiar with how the different levels are configured you can then go into the edit mode and tweak the firewall settings to fit your particular configuration. If you are a CLI junkie then you do need to be mindful of your configurations.
To some degree the ASA info will help you but you would be better off using the CCP users manual to get a better description of how the IOS firewall and the IDS configurations are set up.
There is a known IOS bug that you will need to be familiar with. The following link explains it very well:
Bottom line is you will probably need to upgrade the IOS in the 881s to be able to run any sensor version after S639.
I can assure you by my own discovery, the 881 will not work if you have an older IOS version and you attempt to install a sensor of S640 or higher. I found that out the hard way as this information was not privy to me at the time I installed S640. It took a bit of doing but I did recover and now have the latest IOS as well as the latest sensor version.