Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
OverviewIntroduction - What are Regular Expressions and why should I read this ?Regex Basic FunctionsReading Regular ExpressionsRegex for IPS SignaturesConclusion and linksWhat are Regular Expressions and why should I read this ?Regular Expressions (...
Initial Configuration of the AIP-SSM Sensor: The initial configuration of the AIP-SSM sensor for the ASA firewall consists of 3 steps:Configure the basic system parameters of the sensor module by sessioning in to the sensor from the ASASend traffic ...
MARS has various CLI commands to display it's current health status as well as to get the sysem log.Often, when opening a case with Cisco TAC about an issue related to peformance or error messages on MARS, the support engineer will need the system lo...
Hi Alex,As Matthew mentioned previously, for the NME module, the access list defines what traffic will NOT be inspected.If you want the NME to inspect all traffic, you should change the access-list to DENY all traffic.So, change it into "access-list ...
Click the below link to see a couple of screencast videos illustrating the initial config of AIP-SSM modules.https://supportforums.cisco.com/docs/DOC-12233
Ron, and anyone else who reported the issue,In order for us to further determine what exactly is causing this signature to fire for your traffic, can you please provide me packet capture (pcap file) of the traffic on which the signature is firing o...
We are aware of potential issues with signature 31359/0 that can cause it to fire on legitimate traffic.A bug has been filed and our signature develpment team is working on a solution.For more info, see http://tools.cisco.com/squish/41f5EFor now, as ...
Hi Vinoth,The IDS-4215 sensor does not support the IPS 7.0 software version. The latest software version supported on this platform is 6.0.It does however support the E4 engine in combination with the 6.0(6) software version.In order to upgrade your ...
