IPS 4240 -email arlert configuration and Which mode

Similar Messages

• How to install webcenter sites 11.1.1.6 or 11.1.1.8 in cluster configuration and delivery mode?

  I am trying to install webcenter sites 11.1.1.6 using cluster configuration and in delivery mode but its not getting installed properly.
  Can anyone please share on the steps to follow while installing webcenter sites in delivery environment?

  The recommendation from the Oracle WebCenter & ADF Architecture Team is to keep the parts decoupled, installing WebCenter Sites on a separate machine. Otherwise it would be leading towards a 'Type 3' integration. Specifically looking at the proof-of-concept application 'Spark', which requires WebCenter Sites and WebCenter Portal installed on the same machine:
  +"Due to this co-deployment requirement, most clients have avoided installing or using Spark. And not without reason: installing two big, complex applications on the same environment is problematic with regards to scalability and tuning."+
  http://blogs.oracle.com/ATEAM_WEBCENTER/entry/integrating_webcenter_sites_with_webcenter3
  The introductory article on integrating WebCenter Sites and WebCenter Portal:
  http://blogs.oracle.com/ATEAM_WEBCENTER/entry/integrating_webcenter_sites_with_webcenter
  Thanks

• IPS 4240 & Interface Up\Down In Bypass-Mode Auto

  Hi. this is a strange one. We have a C7200R (FastEthernet) on one side and a C3500 (FastEthernet) on the other with an IPS4240 in the middle. When changing the IPS unit from "bypass-mode on" to auto the interface on the C7200 router goes down, ie no link activity. We have tried several combinations of interface speeds\duplex. The systems would normally be in speed auto\duplex auto but we have tried 100\full forced as well. When in "bypass-mode on" the all systems work fine in auto\auto negotiating 100\full. Any ideas. Thanks Alex

  I have a similar problem:
  ASA 5510 - E0/0 - Connects to E0/1 on C2800 - when we set it to FULL/100 the connection fails - when the interfaces are set to AUTO everything is fine. Any suggestions? Thanks

• DAQmx input terminal configuration and sample mode choice

  Hi,
  I am studying "Timing and Synchronization Features of NI-DAQmx" from the following link,
   http://zone.ni.com/devzone/cda/tut/p/id/4322 
  Could
  anyone tell me in Figure 2, how to do input terminal configuration in
  the "DAQmx creat virtual channel" part? Shoud I just double click on
  the icon to change it? Or there is some way that I can show it in the
  block diagram like the sample mode in the DAQmx part?
  One
  more question, in the DAQmx timing part, how can I put "Continous
  Samples" there? Is it from the function pallette? Thank you.
  Solved!
  Go to Solution.

  You just right click on the terminal and select Create constant. You will get an constant on your BD with the appropiat type. Guess this covers 90% of yopur question. But, keep comin'.
  Felix
  www.aescusoft.de
  My latest community nugget on producer/consumer design
  My current blog: A journey through uml

• TCP RESET - CISCO IPS 4240 in IDS Mode - Block Teamviewer

  I would like to block teamviewer in my network. we are using CISCO IPS 4240 in IDS Mode. I found that there are signatures for teamviewer in latest Signatures.
  We have only configured promiscuous interface, I read that we can issue TCP resets thru promiscuous interface as well (recommended is dedicated tcp reset interface).
  However in my case, I found that Signatures for teamviewer is not getting fired even after getting successful teamviewer connections.
  I am a beginner is IPS, Any inputs will be valuable for me.

  We're talking about sigs 15002-0, -1, -2 here. They are by default shipped disabled and retired, so you'll want to enable and activate them.
  For these, the signature settings are not hidden and what they look for is pretty clearly documented in the sig description.
  -0 looks for some specific DNS requests on TeamViewer's startup. TCP resets will have no effect on this.
  -1 looks for specific traffic to tcp port 5938 which would indicate Teamviewer's direct-connection method
  -2 looks for traffic indicating use over http when teamviewer is configured to use a proxy
  TCP resets are a best effort response, they aren't going to be a 100% effective stop

• Router NME IPS - use promiscuous and inline mode simultaneous

  Hi all,
  we are using the IPS module NME-IPS-K9 on a Cisco 2951 router. We like to use the IPS in promiscuous and inline mode simultaneous. For example traffic from a client to a server should pass through the IPS. But the IPS should only recieve a copy of the VoIP traffic.
  In the interface configuration mode the following command is set.
       ids-service-module monitoring promiscuous access-list 101
  If I try to set a interface to inline mode I get the following message:
       "Only either Inline or Promiscuous
       monitoring is supported on the router at one time.
       Please remove Promiscuous monitoring on all interfaces
       before configuring Inline monitoring. Only either Inline or Promiscuous
       monitoring is supported on the router at one time.
       Please remove Promiscuous monitoring on all interfaces
       before configuring Inline monitoring."
  Is there any way to use promiscuous and inline monitoring at the same time? Is there a firmware update available which includes this feature? Any other idears?
  IOS version of the router: 15.0(1)M4
  IPS version:  7.0(2)E4
  Kind Regards

  In promiscuous mode your sensor doesn't affect the traffic but it only listen and analyze it.
  In inline mode you direct all your traffic on this network segment you want to protect to IPS and it analyze it and block some actions according to your settings.
  It is the main difference. Which mode to prefer must be your decision.

• Bitcoin generator and Cisco IPS 4240

  I have a problem with Bitcoin generator installed somewhere in local network.
  I have IPS 4240 what connected as IPS (All traffic to internet passes through IPS.
  The software on IPS is very old.. and I can not upgade it.
  Version 6.0(6)E4
  Can I configure IPS tj detect and prevent bitcoin?

  Please any one can answer these questions...Your help is appreciable...Thse are blocking me...
  We have purchased Cisco IPS 4240 sensor, installed the license and that device is communicating with other computers in the network. The version installed is IPS 6.1(1)E1. Please can you answer me below questions.
  1) Please can you provide me the Document or link, that lists all the possible events that can be generated by Cisco IPS 4240 sensor.
  2)Where this IPS 4240 sensor will store all the generated events, Pls can u provide me the File names,location of that files and can you tell me how to acces that files?
  3) How many types of events will be generated by this IPS 4240 sensor.
  4) How to send all types of events to Syslog server (Windows Kiwi syslog OR Linux syslog) present on another system in the network through CLI,IDM and IME.
  5) Can you provide me some Examples to generate different events.
  6) What is the difference between CLI, IDM and IME?
  7) How we can know that configured IPS system is in Inline mode?

• Can I configure csm as one arm and routing mode at the same time?

  My csm currently is configured as the routing mode and bridge mode, resently I have a service requirement which I think the one arm mode should be the best resolution. Can anybody let me know if there will be any affect if I add the one arm mode to the currently production environment?
  Thanks in advance.
  Jason

  Gille,
  Thanks for your quick response. I notice you have same opinion about the one arm mode in your other post, but I think in the multi-tire data center design with fw in bridge mode and csm in one arm mode with RHI, do give us a lot of flexibilty. If I use policy routing instead of source nat, can I overcome these limit you metioned?
  Do you know who csm could handle the TFTP traffic? I may have too much question, I am realy looking for your suggestion.
  Thanks
  Jason

• How to configure IPS 4240 - K9 to send log file to syslog server

  I am looking for the commands in how to configure IPS 4240-k9 to send log file to SYSLOG server. If anybody has or came across similer issue please advice.
  Thanks in advanced.

  Ali -
  I am sorry to tell you, but the Cisco IPS Sensors do not send Syslog messages. Your only options for sending signature event information are:
  SDEE (an TLS Encrypted XML formatted message) the sensor is the SDEE Host and your event receiver (MARS, IME, Intelitactics, etc) is the client.
  SNMP Traps - You need to set the "Action" on each signature you want the sensor to send a trap.
  - Bob

• How to configure and deploy OAM 11g with DB setup using silent mode

  Hello all,
  I am trying to create automation process to install and configure OAM 11g on WLS. This task involves three stages
  1. Install WLS
  2. Install OAM 11g
  3. Create DB schema using RCU
  4. Configure and deploy OAM 11g
  I have done first 3 stages in silent mode using scripts and response files. I am stuck at 4th stage. I know how to configure and deploy OAM 11g using config.sh via GUI installer as well as console mode. But I would like to run config.sh in silent mode something like
  ./config.sh -mode=silent -silent_script=<script_location>
  I have searched a lot, but could not find any resource on how to do it? I tried passing the parameters via a text file. But that has not worked. I have also explored WLST, but it also does not work. Given that first 3 things are relatively very simple, the 4th step is becoming complex. I would be very thankful if someone can please point me in the right direction.
  Thanks!

  Have a look at your software directory : <sofware directory>/Disk1/stage/Response
  Here you will find 2 rsp files which you can use to install and then configure it all.
  Good luck.
  Filip

• Unable to load IPS 4240 IOS from Rom Mode

  Hi Experts,
  Kindl asist me in load the IPS IOS on the IPS 4240 from rommon mode.
  Note: I can only access the IPS via rommon only becuase the existing ios is cuppted and formatted.
  The rommon output is give bellow:
  rommon #2> set
  ROMMON Variable Settings:
    ADDRESS=192.168.2.16
    SERVER=192.168.2.58
    GATEWAY=192.168.2.1
    PORT=Management0/0
    VLAN=untagged
    IMAGE=C:\IOS\Tftpd32\IPS-4240-k9-sys-1.1-a-6.1-1-E2.img
    CONFIG=
    LINKTIMEOUT=20
    PKTTIMEOUT=4
    RETRY=20
  rommon #14> ping 192.168.2.16
  Sending 20, 100-byte ICMP Echoes to 192.168.2.16, timeout is 4 seconds:
  Success rate is 0 percent (0/20)
  rommon #15> ping 192.168.2.58
  Sending 20, 100-byte ICMP Echoes to 192.168.2.58, timeout is 4 seconds:
  Success rate is 95 percent (19/20)
  rommon #0> ping 192.168.2.1
  Sending 20, 100-byte ICMP Echoes to 192.168.2.1, timeout is 4 seconds:
  Success rate is 100 percent (20/20)
  rommon #1> ping 192.168.2.16
  Sending 20, 100-byte ICMP Echoes to 192.168.2.16, timeout is 4 seconds:
  Success rate is 0 percent (0/20)
  rommon #2>
  The major problem is that i cannot ping the ips interface address  192.168.2.16) while i can ping all the others.
  Thanks in anticipation!
  Regards

  Hi,
  From the error message the file was not found on the tftp server.
  I see that you have:
    IMAGE=C:\IOS\Tftpd32\IPS-4240-k9-sys-1.1-a-6.1-1-E2.img
  I am guessing that this should be:
    IMAGE=IPS-4240-k9-sys-1.1-a-6.1-1-E2.img
  as the tftp daemon on your machine probably is using  C:\IOS\Tftpd32\ as the 'root' directory of the files it is serving.
  You can check this in the settings of the tftp daemon.
  Best regards, Peter

• I have lost my iPhone and it has stated that it is offline. I received an email that stated it went online and activated play a sound and lost mode. So I went into iPhone app and it says offline. Is there any way to find ?

  I have lost my iPhone and it has stated that it is offline. I received an email that stated it went online and activated play a sound and lost mode. So I went into iPhone app and it says offline. Is there any way to find ?

  Not unless it goes back online.  If it was stolen it may have been restored, in which case it will never appear again in Find My iPhone.

• My iPad has a different Apple ID than the Apple ID on my computer. The iPad Apple ID has an email address that I no longer use. If I try to add the email address that I now use (and which is my Apple ID on the computer), it won't allow me to add it.

  My iPad has a different Apple ID than the Apple ID on my computer. The iPad Apple ID has an email address that I no longer use. If (while on the iPad) I go to My Apple ID and try to change or add the email address that I now use (and which already is my Apple ID on the computer), it won't allow me to add it. It says : "Email address is already verified for another Apple ID"  I haven't really been aware of this as a problem until I tried (for the first time) to sync my iPad to the computer and became aware that certain things wouldn't transfer. What is the solution to this?

  What are you having problems with ?
  This post was about having updated the primary email address on an iTunes account via a computer - if you do that you might need to log out of the account on an iPad by tapping on the id in Settings > iTunes & App Store and then log back in with the updated version of the account for that email address change to be recognised on your iPad. If you don't log out and back in then an iPad (or iPhone or iPod Touch) might continue to show the old version of the iTunes account id.

• Hi guys, Having a problem with emoji. I have the emoji on my dock which I found a shortcut on Cult of the Mac. I click on the emoji and drag it to my email or whatever, and it will not drop into place. There is a blue square. Other shortcuts don't work.

  Hi Guys,
  Having problem with emoji, I have the character palette shortcut on my dock which I found through article from Cult of the Mac. I click on the emoticon and drag it to my email or whatever and get a blue box - no emoji. I tried the keyboard shortcut - doesn't work. I tried the drop down the menu in edit - doesn't work either. I am running Lion and want to upgrade to Mountain Lion. Want to fix this before I upgrade or should I just upgrade and hope for the best?  Been all over the net looking for solution.
  Thanks for your help,
  blueheron11

  Pages does not support the Apple font used for color emoji, so that behavior is normal.
  With what app are you reading the yahoo mail?  There is really no guarantee than any other email service will show the special Apple font involved.
  You should have no problem putting emoji directly into Mail or Text edit via drag drop from the Character Viewer as shown below.
  You should also be able to upload graphics here easily by clicking on the camera icon.  My email is tom at bluesky dot org.

• HT201365 I recently updated my Ipad 2 with iOS7 and I suddenly have 794 emails in my inbox which were previously read and deleted.  how do I get rid of them without doing one at a time?

  I recently updated my Ipad2 to iOS7 and suddenly have 794 emails in my inbox which were previously reviewed and deleted.  How can I get rid of them without doing one at a time?

  You should be syncing your contacts with an app on your computer or cloud service (iCloud, Gmail, Yahoo, etc), and not relying on a backup.  If you haven't been doing this, start now and then restore your old backup.  You will then be able to sync the new contacts back into the phone.  However, you will lose all messages, etc newer thant the backup.