Cisco IPS Concurrent session support in ips 4260 and 4270 sensor

I am wondering why no document from the Cisco IPS data sheets mentions the concurrent session support in Cisco IPS 4200 series sensor. I am looking forward to anyone who can advise about the subject.
Thanks
Nouman

Hi.
With IPS devices it's difficult to measure performance by number of connections per second, since several factors count toward the performance limit, including:
1- packet size
2- object sizes per transaction
3- transactions per second
4- signatures enabled
5- features enabled
That's why public documents try to make it more realistic by mentioning the transactional performance.
Here is a link mentioning concurrent connections for the 4270:
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5729/ps5713/ps4077/prod_white_paper0900aecd806e7283.html
Although the link mentions 100k and 200k, we've seen situations where we had a lot more connections with a smaller number of signatures enabled.
For the 4260, the public document only mentions the transactional performance.
Regards,
Fadi.
If this answers your question please mark the thread as resolved.

Similar Messages

  • How to configure a cisco 2960 switch to support two routers(data and voice), please give me any suggestions

    Hi, I need to configure a 2960 switch at a client site. They already have routers installed on site; one is for data traffic, another is for voice. I have created two VLANs on the switch for data and voice. Now I can't work out what the default gateway on the switch should be.
    Please give me any suggestions.

    Hi Leo,
    Many thanks for your reply.
    But there are two uplinks going from Gi 0/1 and Gi 0/2. I have configured the switch as below:
    interface GigabitEthernet0/1
     description UPLINK TO Data router
     switchport access vlan 100
     switchport mode access
    interface GigabitEthernet0/2
     description UPLINK TO voice router
     switchport access vlan 100
     switchport mode access
    interface Vlan1
     no ip address
     no ip route-cache
     shutdown
    interface Vlan60
     ip address 192.168.1.253 255.255.255.0
     ip helper-address 192.168.1.1
     no ip route-cache
    interface Vlan100
     ip address 172.16.1.253 255.255.255.0
     ip helper-address 172.16.1.1
     no ip route-cache
    I have used IP helper address, but I am getting some connection issues on PCs and IP phones. Please advise: can I manage it with two uplinks with different IP addresses?
    Thanks in advance.

  • RADIUS or TACACS support on IPS modules?

    Hi.
    I want to integrate an authentication server, an IPS sensor and VMS.
    The authentication server is RADIUS or TACACS.
    So, is RADIUS or TACACS supported on IPS modules?
    Thanks,

    CiscoWorks Login Module to TACACS+ or RADIUS
    http://www.cisco.com/en/US/products/ps6498/products_user_guide_chapter09186a00806167e3.html#wp98970
    But I don't know whether the IPS module supports RADIUS.
    RADIUS or TACACS support on IPS modules?

  • IPS 6.0 Supported FTP Server??

    Hi, is it true that we can only use the supported FTP servers that are documented by Cisco for updating IPS signatures or images?
    ###cisco ips 6.x document ####
    The following FTP servers are supported for IPS software updates:
    • WU-FTPD 2.6.2 (Linux)
    • Solaris 2.8
    • Sambar 6.0 (Windows 2000)
    • Serv-U 5.0 (Windows 2000)
    • MS IIS 5.0 (Windows 2000)
    Can we use ordinary FTP servers other than the FTP servers listed above? Thanks

    When originally implemented the ftp auto update feature had several problems when using other ftp servers.
    The implementation has changed over the past few years, and become more generalized.
    So the listed FTP Servers are the ones "officially" tested and supported.
    However, it should work with most other FTP servers as well.
    I would recommend trying it with whatever FTP server you already have running. If it works then great; you are probably fine to keep using it.
    If it doesn't work with your FTP server, then you can contact the TAC. If it turns out to be an incompatibility between the sensor and your FTP server, then the issue would have to be entered as an enhancement request to get your FTP server supported rather than an actual bug.
    We used to hear a lot of incompatibility problems with other FTP servers a few years ago.
    But I haven't heard of any in the past 2 years.
    If it is not working, then it is usually not a problem with the actual FTP server, but rather in how it was configured.
    Here are a few examples of issues that are sometimes seen, and can be avoided with configuration of the FTP server.
    Additional login messages can sometimes confuse the sensor (like warnings about who can access the box).
    The FTP server has to be configured to use unix style directory listings instead of windows style.
    Permissions on the files themselves can be a problem.
    Renaming of the files after being pulled from cisco.com can cause problems, so keep the filenames exactly as seen on the cisco.com pages.
    Keep directory names to letters and numbers to avoid parsing problems with the directory name.
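
An added example, not part of the reply above and not Cisco code: a pre-flight check that runs the configuration issues listed in that answer (extra login messages, Windows-style listings, file permissions, renamed files, directory names) against captured FTP server output. The function name, the `account` parameter, the simplified permission model and all sample data are assumptions made for illustration.

```python
import re

# Unix-style LIST line, e.g. "-rw-r--r-- 1 ftp ftp 1024 Jan 05 10:00 name"
UNIX_LIST = re.compile(
    r"^([-dl])([rwx-]{9})\s+\d+\s+(\S+)\s+\S+\s+\d+\s+\w{3}\s+\d{1,2}\s+[\d:]+\s+(.+)$")
# Windows-style LIST line, e.g. "01-05-24  10:00AM  1024 name"
DOS_LIST = re.compile(r"^\d{2}-\d{2}-\d{2,4}\s+\d{1,2}:\d{2}[AP]M\s+(<DIR>|\d+)\s+.+$")

def check_ftp_update_dir(path, login_replies, listing, expected_names, account):
    """Return findings for the configuration issues named in the answer above."""
    findings = []
    # RFC 959 multi-line replies ("230-text") carry the extra login messages.
    if any(re.match(r"^\d{3}-", line) for line in login_replies):
        findings.append("extra login messages in server replies")
    for part in filter(None, path.split("/")):
        if not re.fullmatch(r"[A-Za-z0-9]+", part):
            findings.append(f"directory name not letters/numbers only: {part}")
    seen = set()
    for line in listing:
        m = UNIX_LIST.match(line)
        if m is None:
            kind = "windows-style" if DOS_LIST.match(line) else "unrecognised"
            findings.append(f"{kind} listing line: {line}")
            continue
        ftype, perms, owner, name = m.groups()
        seen.add(name)
        # Assumption: the owner read bit applies if the account owns the file,
        # otherwise the "other" read bit; group membership is not modelled.
        readable = perms[0] == "r" if owner == account else perms[6] == "r"
        if ftype == "-" and not readable:
            findings.append(f"file not readable by {account}: {name}")
    # A file that was renamed after download shows up here as missing.
    for name in sorted(expected_names - seen):
        findings.append(f"expected file missing or renamed: {name}")
    return findings

# Constructed sample data; file names are placeholders, not real package names.
GOOD = dict(
    path="/ips/updates",
    login_replies=["220 FTP ready", "331 Password required", "230 Logged in"],
    listing=["-rw-r--r-- 1 ftp ftp 1024 Jan 05 10:00 update-A.pkg"],
    expected_names={"update-A.pkg"}, account="sensor")
BAD = dict(
    path="/ips updates/v6.0",
    login_replies=["220 FTP ready", "230-Authorised users only", "230 Logged in"],
    listing=["01-05-24  10:00AM  1024 update-A.pkg",
             "-rw------- 1 root root 2048 Jan 05 10:00 update-B(1).pkg"],
    expected_names={"update-A.pkg", "update-B.pkg"}, account="sensor")

if __name__ == "__main__":
    for label, case in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, check_ftp_update_dir(**case))
```

Feed it the replies and `LIST` output captured from a manual login with the same account the sensor uses; an empty result means none of the listed issues was detected.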

  • Cisco asa 5585 syslog options for ips?

    We have a Cisco ASA 5585 with a separate module for IPS. I want to know what the options are for configuring syslog. It's nearly impossible to find, and there are some forums on the internet which say that Cisco IPS stores logs in a native / proprietary format and they cannot be exported.
    Please elaborate
    Thanks.

    Some sensor-related events generate syslog messages. Those will be forwarded according to the parent ASA syslog settings.
    Detailed IPS events (signature triggers actions etc.) are stored locally and must be retrieved using the SDEE protocol (tcp-based). That requires use of a management system like Cisco Security Manager (CSM), IPS Manager Express (IME) etc. There is a good document here that explains SDEE in more detail.

  • VPN 3005 Peak Concurrent Sessions

    Hi
    I have an old VPN 3005 concentrator that needs replacement. In the web interface under Monitoring -> Sessions I can see that my Peak Concurrent Sessions is 19. The question is whether it's 19 sessions peak since the last reboot or over a specific time period?
    I have 200 VPN sessions available in the 3005; I'm planning to replace it with an ASA 5505 with max 25 VPN sessions.
    Best Regards, Steffen.

    The peak concurrent sessions count from the last reboot or reset on.
    If you go for the ASA 5505, you need the Security-Plus-Version, only that supports 25 Users.

  • Cisco 2602 Access Point - Support

    Dear Team,
    Could you please advise, if Cisco 2602 Access Point supports IPS and CleanAir along with Access Point feature or does it need to work as standalone to have these functions enabled ?
    Regards,
    SID 

    Might as well add my 2¢
    In order to have CleanAir, you need a WLC. In order to do IPS (in wireless it's called wIPS), you need an MSE and NCS or Prime Infrastructure.
    A standalone access point (autonomous) is just a dumb AP and can't perform any of those functions:)
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • How Cisco ISE 1.2 Base licenses are consumed and tracks concurrent endpoint connected to network

    Hello
    I am interested to know how the Cisco ISE 1.2 base licenses are consumed. As per the Cisco ISE 1.2 user guide: "The Base License is consumed whenever an authentication notification is received by Cisco ISE."
    Based on the above statement I have the following queries:
    RADIUS being a UDP-based request, it's only during the time the endpoint is authenticated and authorized that the base license is consumed, and then it is released. Then how does Cisco ISE track the concurrent endpoints connected to the network?
    Thanks
    Kumar

    Thanks for the reply, Tarik.
    As I understand, you mean that a base license is consumed by every RADIUS authentication request and then the license is free to be utilised again.
    Also, would this mean that if RADIUS accounting is turned off, then concurrent sessions will not be tracked?
    Thanks
    Kumar

  • What is the Maximum Number of Concurrent Sessions allowed on a Shared Exchange Mailbox ?

    Hi,
    I have a query: how many concurrent sessions are allowed on a Resource Mailbox?
    E.g. I have a scenario in which I run a Helpdesk, and it has an email address ([email protected]), where company employees can email their IT issues/requests.
    Now say I have hired 50 Service Desk agents; is it possible that all 50 can access the IThelpdesk mailbox at one time? Are there any limits on the number of concurrent sessions of the mailbox? What are the permutations and combinations in this case?
    ** The mailbox is on Exchange Server 2003**
    Regards,
    Tojo Thankachan
    +91 7875039665

    Hi,
    Exchange Server 2003 SP1 imposes a restriction on the number of permitted MAPI sessions per user. By default, the maximum number of permitted MAPI sessions per user is set to a hexadecimal value of 0x20 after you apply Exchange Server 2003 SP1.
    Generally, Event ID 9646 will be logged in the application event log of your Exchange Server 2003 computer when a client opens many MAPI sessions. Here is a KB article that describes the details:
    http://support.microsoft.com/kb/842022
    For more information about MAPI session limit, please refer to:
    http://technet.microsoft.com/en-us/library/dd159906(v=exchg.80).aspx
    Thanks,
    Winnie Liang
    TechNet Community Support

  • IPS and Virtual Sensors

    Hello.
    I am looking to put in an IPS. I would like to monitor two segments, but read this in the docs...
    "To avoid definition ordering issues, no conflicts or overlaps are allowed in assignments-you assign interfaces, inline interface pairs, inline VLAN pairs, and VLAN groups to a specific virtual sensor so that no packet is processed by more than one virtual sensor."
    Say I have two virtual sensors and subnets A and B. My question is that packets from segment A will go thru virtual-sensor1, but may (depending on routing) need to pass thru the VLAN pair of virtual-sensor2 to subnet B. Judging from above, this is not possible, since it says the packet can only be seen once. Please advise if I am interpreting the docs correctly.
    Any suggestions or insight is appreciated! Thanks!

    Ah, okay; just to clarify... What they are speaking of is when the packet goes through the IPS the first time, it stays in one virtual sensor during its "session" through it and should not be processed by any other virtual sensor.
    If the packet reenters the IPS on a different interface pair (i.e. virtual sensor) then that is OK.
    Thanks for the reply!

  • How do I create an API with session support?

    Hi experts,
    I have implemented an API, and now I need to have a session for each user using this API, something like HttpSession. I need to store some attributes for each user. For example, each user may choose their own locale and I need to manage every one separately.
    Is there any design pattern to support sessions, or does anyone have such experience?
    Thank you very much

    java1357 wrote:
    Thanks valooCK
    May I ask you what a lightweight container is? In other words, how can I define one? Did you mean something like a Servlet? If yes, in a non-web application what kind of container can I use?
    Do you know a simple container or an example?
    Thanks again

    Actually you don't need session support in a regular application. It is needed only in a web application because a session of a web application may consist of several stateless pages; the session helps maintain the state throughout the application.
    A regular application may consist of a main thread, plus work threads and background threads. So long as your main thread is running, you can use it to maintain state. All you need is a container type of class for more efficient management, which can be used for a web application as well.
    A lightweight container is server code which, unlike a heavyweight container such as the EJB container that requires you to implement certain interfaces, does not require any special interface implementation; any good old Java classes will run in it. For more information, look up some Spring docs.

  • Why doesn't Cisco add full IPv6 support to the firmware of the wrvs4400n small business router?

    I own a Cisco wrvs4400n. I love this router but have been unhappy that it is not ipv6 ready. I have been disappointed that Cisco has not developed/introduced a new follow-on router, an advanced version of this router adding AC wireless support and speeds, more wireless signal strength, true dual band as well as the full ipv6 for the web additional to the intranet (as they have finally added in the latest firmware update) - to name a few. What they are offering presently is embarrassingly weak. They seem to be ceding the small business arena but no one else seems to be bringing out a good product for this market either. If they would at least provide support for IPv6 on the web, I could wait until they finally wake up and develop a good follow-on wired/wireless gigabit router.
    Linksys, which they sold off for whatever reason, has been developing some impressive routers by hardware measures, but their firmware does not offer access to it to control and configure it that I would expect in a SBR, like they began in the wrvs4400n. Either I need Cisco to add that ipv6 so I can at least utilise the incipient roll-out of IPv6 from my ISP for time being or finally bring out an exciting new follow-on router with all the controls of that new architecture extending what they offered in the 4400!
    If anyone has information/knowledge about either of these two options, developing another firmware update with full ipv6 or developing and introducing a follow-on router, please inform me about it. I am a 1 to 6 person operation and want to move into the present, at minimum, or, preferably, future. Thank you any one who can enlighten me about this.

    Voskuil67 wrote:
    I have twice requested (paid) tech support for getting BB Desktop Software for Mac to work
    Sorry, I don't think I understand. You have initiated a "paid" per-incident support ticket with RIM, and paid for these services, and you are not getting a call back?
    When you paid for this, you should have been issued a case number or support incident file number. If you have that, you should contact RIM immediately for resolution. If you need a phone number, try 1-877-255-2377
    If the above is not your situation, could you please explain further?

  • Whats the limit of max no of concurrent sessions in oracle9i database

    Hi,
    Please let me know what the limit on the maximum number of concurrent sessions is in an Oracle9i database.
    Thanks.

    Hi,
    Oracle no longer offers licensing by the number of concurrent sessions.
    There used to be 2 initialization parameters: LICENSE_MAX_SESSIONS and LICENSE_SESSIONS_WARNING. These have been deprecated.
    Therefore Jaffer's statement stands.....
    Cheers...rCube.

  • Does Cisco ISE 1.2 support Catalyst SRW224G4P and Small business ESW520 Switches?

    Hello all,
    Does Cisco ISE 1.2 support Catalyst SRW224G4P and Small business ESW520 Switches?
    Best regards.

    Hi there, the link below outlines the ISE supported Cisco hardware:
    http://www.cisco.com/c/en/us/td/docs/security/ise/1-3/compatibility/ise_sdt.html
    Thank you for rating helpful posts!

  • Large number of concurrent sessions

    What optimizations are used to provide a large number of concurrent sessions?

    Generally:
    1) Design so that clustering is easy - e.g. cache only read-only data, and
    cache it aggressively
    2) Keep replication requirements down - e.g. keep HTTP sessions small and
    turn off replication on stateful session beans
    3) Always load test with db shared = true so that you don't get nasty
    surprise when clustering
    4) Don't hit the database more than necessary - generally the db scales the
    poorest
    Peace,
    Cameron Purdy
    Tangosol, Inc.
    Clustering Weblogic? You're either using Coherence, or you should be!
    Download a Tangosol Coherence eval today at http://www.tangosol.com/
    "Priya Shinde" <[email protected]> wrote in message
    news:3c6fb3bd$[email protected]..
    >
    > What optimizations are used to provide a large number of concurrent sessions?
