IPS SSP module vs standalone 4200 series devices

Looking at price to performance ratio it seems that the IPS SSP modules are the winner.
The 4200 series devices, however, have hardware bypass, which can ensure traffic flow is not interrupted even if the power to the IPS goes down. How likely is it that a malfunction of the IPS SSP affects the work of the ASA?
We are looking at ASA5585X S20 with IPS SSP S20 or same ASA with IPS 4260.
Any and all input in terms of pros and cons you are aware of will be appreciated.

Yes, you can have the IDSM2 module in your CAT 6K. However, please check how much traffic will be traversing the IDSM2 module since you mention internal as well as traffic towards the internet. Please ensure that the performance of the internal traffic is not impacted. It also depends on whether you will be configuring the IPS in promiscuous or inline mode.
Here is the datasheet for IDSM2:
http://www.cisco.com/en/US/products/hw/modules/ps2706/products_data_sheet09186a00801e55dd.html
You might even want to bundle a few IDSM2:
http://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps5058/product_data_sheet0900aecd804b91d7.html
Hope that helps.

Similar Messages

  • 4200 series IPS & GNU Bash issue

    Any idea when we will see an update for cisco-sa-20140926-bash (GNU bash issue) for the 4200 series IPS appliances?

    Do the logs show anything useful when the freeze occurs?

  • I'm looking for Failover/High available solutions for IPS 4200 Series

    Hi all,
    I tried to find failover/high availability solutions for the IPS 4200 series, but I didn't see any failover solutions in the IPS guide document. Can anybody help me?

    I do not know if this is documented anywhere, but I can tell you what I do. As long as the IPS 4200 has power, with the right software settings, the unit can fail such that it will pass traffic. Should the unit lose power, it does stop all traffic. I run a patch cable in parallel with the inline IPS unit, in the same VLAN, with a higher STP cost. Thus all traffic will traverse the IPS unit when possible, but should something happen to it, a $10 patch cable takes over.
    Mike

  • ASA 5585-X IPS SSP system image recovery?

    SSP-10 in slot 0
    IPS SSP-60 in slot 1
    This is not a supported configuration but does it actually work?
    On one chassis the system image is missing from IPS SSP-60. I attempted hw-module recovery from tftp but it just gets stuck in recovery mode. The IPS SSP console pretty much says it's in a boot loop because it does not have a valid image.
    The procedure I used
    http://www.cisco.com/en/US/docs/security/ips/7.1/installation/guide/hw_system_images.html#wp1371782
    I can download the image via tftp to flash but the recovery for IPS SSP just doesn't load from tftp.
    When there are two modules in the chassis, the management port for IPS SSP-60 comes up (green) but I don't see management 1/0 port. Is it still referenced by management 0/0 on IPS SSP console?

    It sounds surprisingly about ASA5515 and SCM 4.3
    coz of following URLs:
    http://www.cisco.com/c/en/us/td/docs/security/security_management/cisco_security_manager/security_manager/4-4/release/notes/csmrn44.html#wp70531
    Cisco Security Manager 4.4
    In addition to resolved caveats, this release includes the following new features and enhancements:
    •The following devices are now supported in Security Manager 4.4:
    –ASA 9.0(1).
    –ASA 9.1 and its compatible ASDM.
    –ASA 8.4(5).
    –Cisco Catalyst 7600 Series ASA Services Modules (ASA-SM).
    –ASR backward compatibility support.
    http://www.cisco.com/c/en/us/td/docs/security/security_management/cisco_security_manager/security_manager/4-5/release/notes/csmrn45.html#wp362107
    Support for additional devices (for detailed compatibility information, refer to Supported Devices and Software Versions for Cisco Security Manager 4.5 ):
    –IPS 7.1(8) and 7.2(1)
    –ASA 8.4(6)
    –ASA 9.1(2) and 9.1(3) (both standalone ASA and ASA-SM)
    –ISR 4451 with IOS-XE 3.9 image

  • Can I use SCC-DI01 modules with a PCI-6533 device?

    I am looking into performing buffered acquisition of various digital signals using a PCI-6533 device. Can I use SCC-DI01 modules with this device? If so, would this be via the SC-2345 Carrier? The manual seemed to suggest it was only compatible with E-series devices?
    Basically, I want to monitor 32 digital channels and will have a mixture of 5V and 24V signals.
    Many thanks,
    Douglas

    Hi Douglas
    Could you please clarify where the manual suggests that the module is only compatible with an E series board (is it because only an E series board is referenced in the manual)?
    I can't find any information stating which devices are/aren't supported by the SCC-DI01, but I will continue to investigate and keep you posted with my progress.
    Kind Regards
    Stuart R

  • How to order IPS Svc for ASA5515-K8 and L-ASA5515-IPS-SSP=?

    Hello!
    I have got ASA5515-K8 and IPS license L-ASA5515-IPS-SSP= ordered separately.
    What smartnet should I order to enable IPS signature updates?
    I tried to order SU1 smartnet for ASA5515-K8, but Product ID ASA5515-K8 is not mapped to SU1 service.
    Thank you!

    Hello Andy,
    Here is the information you are looking for:
    Cisco Services for IPS
    Cisco Services for IPS is an integral part of the Cisco ASA 5500-X Series IPS Solution and enables operators to
    receive time-critical signature file updates and alerts. Part of the Cisco Technical Support Services portfolio, Cisco
    Services for IPS allows your Cisco ASA 5500-X Series IPS Solution to stay current on the latest threats so that
    malicious or damaging traffic is accurately identified, classified, and stopped. Cisco Services for IPS features
    include:
    ● Signature file updates and alerts
    ● Registered access to Cisco.com for online tools and technical assistance
    ● Access to the Cisco Technical Assistance Center
    ● Cisco IPS software updates
    ● Advance replacement of failed hardware
    For more information about Cisco Services for IPS, visit
    http://www.cisco.com/en/US/products/ps6076/serv_group_home.html.

  • Inspect other firewall traffic using ASA 5585-X IPS SSP

    Is it possible to inspect traffic from other firewalls (say checkpoint firewall) apart from the ASA firewall the ASA IPS SSP is running on?
    Any help will be appreciated
    O.

    Hello Amit,
    Can you share :
    show ips detail
    show  module 1 details
    show service-policy
    Now, can you explain a little about this:
    On the switch end, port tengig 1/8 is connected on the Nexus and specific VLANs are monitored on that interface. But as of now I am not able to see any traffic on that interface. I don't know what I am doing wrong, as this is my first time on this IPS module. There are no ports connected on the firewall. The only port connected is tengig 1/8, which is on the IPS module, which is in promiscuous mode.
    I mean the firewall is the one that will redirect the traffic to the IPS sensor so not sure I follow you!
    Cheers,
    Julio Carvajal Segura
    http://laguiadelnetworking.com

  • IPS software module management

    Is it possible to manage (over IP) the IPS software module (ASA5555-X) in a different way than through the ASA management interface, or do I have to use the mgmt int if I want to use IPS?

    If you want to use the GUI, you need to use the management interface.
    You can ssh (or telnet - not recommended as it is insecure) into the ASA from any interface where you have enabled ssh access and session to the module to configure from CLI (painful but possible to do).

  • Trying to enable/configure an IPS software module on ASA 5545

    I've been trying to get our IPS module working on a pair of ASA 5545-X with nothing but grief. First we lost our license paks, then I found them and genned the license files FALCONXXXX.LIC. Cisco told me that I have to config the CX module and use Prime Security Manager to load the *.lic files.
    Finally get that done but the IPS module is still inactive. Okay missing IPS image on disk0: copy that on to ASA and try loading it using the 
    sw-module cmds and return error is can't load image another service is running
    So do I have to stop the CX after all this Prime Security manager stuff?  I can't use ASDM since it only wants an activation key (hex) which I don't have..
    Ideas? suggestions? 
    Mod  Card Type                                    Model              Serial No.
       0 ASA 5545-X with SW, 8 GE Data, 1 GE Mgmt     ASA5545            FCH1831JCXB
     ips Unknown                                      N/A                FCH1831JCXB
    cxsc ASA CX5545 Security Appliance                ASA CX5545         FCH1831JCXB
     sfr Unknown                                      N/A                FCH1831JCXB
    Mod  MAC Address Range                 Hw Version   Fw Version   Sw Version     
       0 7c0e.ceee.d8eb to 7c0e.ceee.d8f4  1.0          2.1(9)8      9.2(2)8
     ips 7c0e.ceee.d8e9 to 7c0e.ceee.d8e9  N/A          N/A          
    cxsc 7c0e.ceee.d8e9 to 7c0e.ceee.d8e9  N/A          N/A          9.2.1.1
     sfr 7c0e.ceee.d8e9 to 7c0e.ceee.d8e9  N/A          N/A          
    Mod  SSM Application Name           Status           SSM Application Version
     ips Unknown                        No Image Present Not Applicable
    cxsc ASA CX                         Up               9.2.1.1
     sfr Unknown                        No Image Present Not Applicable
    Mod  Status             Data Plane Status     Compatibility
       0 Up Sys             Not Applicable        
     ips Unresponsive       Not Applicable        
    cxsc Up                 Up                    
     sfr Unresponsive       Not Applicable        
    Mod  License Name   License Status  Time Remaining
     ips IPS Module     Disabled        perpetual     

    The thing to keep in mind is what IPS you have purchased. There are three distinct types.
    The classic IPS uses the IPS software module. That uses a subscription that is bound to your ASA via your Smartnet support and does not require a license file once the software module is activated using an activation key.
    The CX module also has an IPS license option. That is configured from within the PRSM interface and will only be visible in PRSM - not in the "show module" output. Your output indicates the CX module is installed so if you have that IPS license type for CX (i.e. the FALCONXXXX.LIC) you need to follow the CX quick start guide and apply the license file via the PRSM GUI.
    There's also an IPS license type for the sfr (FirePOWER service module) which is installed via the separate FireSIGHT Management Center and applied to the module remotely.

  • IPS network Module, need help!!!

    Folks,
    I recently installed an IPS network module in my 3662 router. I am having problems making the IPS log anything.
    When I access the web interface of the IPS, I see only 1 interface available under virtual sensor. The interface is fast 0/1, and the media type it shows is Backplane.
    I am confused. I thought that fast 0/1 on the IPS network module was the management interface on the IPS?
    Why don't I see another interface that is connected to the backplane of the switch?
    Many thanks

    There are 2 interfaces on the NM-CIDS.
    In version 5.0 they are called:
    FastEthernet0/0 and FastEthernet0/1
    FastEthernet0/0 is the external copper interface that you can plug a cable in to. It is the command and control port for managing the NM-CIDS. It can not be used for monitoring (can not be applied to the virtual sensor)
    FastEthernet0/1 is the backplane interface. It receives packets from the router for monitoring. This is the interface that should be applied to the virtual sensor.

  • HP 4200 series Printer Drivers

    I am having a problem getting a new HP Deskjet F4280 to print. When I send a document to print, all the normal functions happen from selecting the number of copies , etc, and the print progress bar shows up and fills in but it never prints. The jobs completed shows whatever I send as completed with the time and date. I can get the Deskjet to Scan and Copy from the computer controls. I tried to find updated drivers at Apple.com for this printer but they are only there for OSX 10.5. Leopard.
    I have done the all steps HP online assistance has suggested but, do not have a solution yet. I have loaded the latest OSX drivers from the HP site and installed them. If I use the Printer Setup Utility to try to install it as a HP printer I am unable to find drivers, I presume because the printer is not listed (old listing of printers)
    I have now used the generic printer option in the Printer Setup Utility and have found I have a driver version 10.4 and PPD file version 1.0 listed.
    I go to "about this Mac" and look at the printer option, I now have installed:
    Deskjet F4200 series:
    Status: Idle
    Print Server: Local
    Driver Version: 10.4
    Default: Yes
    URI: usb://HP/Deskjet F4200 series?serial=CN8882D3VP05BR
    PPD: Generic PostScript Printer
    PPD File Version: 1.0
    PostScript Version: (2000.0) 1
    Can anyone tell me if this is the correct driver version I should have? Any idea what I need to do to get the printer to print?
    Thanks
    Ron

    OK, so I "think" you're installing driver version 9.7.1? - Yes
    In Print & Fax/Printer Setup, are you clicking on Default - which gives the default browser? - That's the main problem I think anyway. I cannot get the Print Browser selection window within the Printer Setup Utility to accept this printer so I can make it the default printer. If I go to the HP selection list, the Series 4200 or the drivers are not listed so I can't select the default printer.
    If I try the "Other" selection I am taken to my Documents folder and can get to all the other folders but I cannot find the printer and drivers in any subfolder.
    And the printer is connected by USB? Yes, I know that is working correctly as the install 9.7.1 program identifies the printer and gives the serial number when plugged in and turned on as directed.
    Again - "generic" won't be useful in any way. I have found that to be very true.
    I don't understand what "the utility is not up to date" means here.
    What I mean is that when I select "add a printer" I'm taken to the "Print Browser" window where I highlight the 4200 Series printer and make that selection. The Print Browser window tells me I have selected that printer and that it is located at G4 (??? See below). I am then asked to select the printer or driver from the list provided in the drop down listings. I go to HP and the Series 4200 printer is not listed.
    Have you repaired permissions? (Disk Utility in Utilities) - Yes, every time I reinstall the 9.7.1 program.
    COULD the problem be that the printer is located at G4 instead of the Hard Drive? Just to make sure can you tell me how can I change the location to the Hard Drive ?
    Thanks
    Ron
    G4-867-DP

  • Can any one suggest me how to use drawPixels method for 40 series devices

    Hello!
    I am using drawPixels method of DirectGraphics class the code I have written is :-
    Image offscreen=DirectUtils.createImage(width,height,0x00000000);// width and heights are integer value
    public final int MODEL=DirectGraphics.TYPE_INT_8888_ARGB ;
    Graphics offgra = offscreen.getGraphics();
    DirectGraphics directgraphics = DirectUtils.getDirectGraphics(offgra);
    directgraphics.drawPixels(imgData,false,0,width,0,0,width,height,0,MODEL); // imgData is a int array(int imgData[]) which contains required pixels of image.
    The above code is working fine with a NOKIA 60 series device, but when I use it with a NOKIA 40 series device it gives java.lang.IllegalArgumentException.
    At the same time, if I use:
    directgraphics.drawPixels(imgData,false,0,width,0,0,width,height,0,DirectGraphics.TYPE_USHORT_4444_ARGB);
    // imgData is a short array (short imgData[]) which contains the required pixels of the image. I have used a different format here.
    it works fine with a 40 series device.
    Can anyone suggest how to use the drawPixels method for 40 series devices with the format
    DirectGraphics.TYPE_INT_8888_ARGB?

    If Remote wipe is activated it can't be undone. And once the wipe is done, the device can no longer be tracked.
    Sorry.

  • Is the AT-MIO-16DE-10 an E series device?

    I'm trying to reinstall labview and I'm not sure which option to select. The choices are the recommended one, the one for all non-E series devices, and neither, and there's a note at the bottom for which devices should use neither.

    The AT-MIO-16DE-10 is an E Series device. Thus, I would pick the "recommended one" because that seems to apply to the E Series boards which are the regular boards produced by NI.
    If you still have troubles, let me know what version of LV you are trying to reinstall.
    L Aguila
    Applications Engineer
    National Instruments

  • SCB-68 Reference Label for M series devices

    What's the difference between the SCB-68 Reference Label M series devices connector 0 and connector 1? I'm installing a NI PCI-6221-M series Multifunction DAQ and the SCB-68 connector block, and I don't know how to make the physical connections. With the SCB-68 kit, I received the Reference Label for the E-series devices. In the NI site, there is info about the connector 0, but what is the connector 0 and connector 1?
    Thanks,
    ZeK

    Good question Zek. The M series family uses a smaller version of the 68-pin connector used on E series so that two connectors can be located on the same board. The second connector is available on certain M series boards in order to provide connectivity to additional channels. In the case of the 6221, there is only one connector.
    The 6221 is fully compatible with the SCB-68. The following link provides a revised version of the SCB-68 label adapted for M Series devices:
    http://digital.ni.com/public.nsf/3efedde4322fef19862567740067f3cc/61ed77983ad7cca386256f66008215f1/$FILE/SCB68%20M%20Series%20Connector%200.pdf
    For pinout specific to a particular M Series device, you can refer to the M series help available at either one of the following locations:
    http://digital.ni.com/manuals.nsf/websearch/9477D6DF1FE5A72986256FAB00633DE4?OpenDocument&node=132100_US
    http://digital.ni.com/manuals.nsf/websearch/3AE9D4533E03A6EF86256FE300809FE6 (HTML format)

  • Qualified Disks for px-Series Devices

    Note: The following information pertains only to px-Series network devices. If you have any other StorCenter network device, including ix-Series devices, this does not apply to you. 
    Before adding new hard drives to your StorCenter px-Series network device, please be sure to familiarize yourself with the following information. If you still have any additional questions about this topic, feel free to post them below. 
    Supported Drives: 
    For the current list of drive brands and models that have been tested with the StorCenter px devices and are supported for use, please visit https://iomega-na-en.custhelp.com/app/answers/detail/a_id/26012. Our approved hard drive list is still growing! Please check back with the list often or subscribe for updates by clicking on the "Notify Me" button on the above link. 
    Important: All disks within a single storage pool must meet the following requirements: 
    Same manufacturer 
    Same rotational speed 
    Same capacity
    Failure to meet these requirements may result in unpredictable device behavior and will not be supported by Iomega. If you need technical assistance, please be prepared to backup your data and remove any unsupported drives or configurations. 
    Pre-Installed Drives: 
    If you purchased your px device either fully or partially populated with drives, the device’s operating system resides partially on the drives. To replace all of the drives from the original configuration, follow the steps here: https://iomega-na-en.custhelp.com/app/answers/detail/a_id/27190

    What model px4 do you have? Version 4.0.8.23976 is the latest LifeLine firmware release for the px2-300d and px4-300d network storage devices while Version 4.1.4.24001 is the latest for the px4-400d.
    There is not any supported way to disable or restrict the services you are referring to. Debian is the operating system of the device so it would not be able to disable that unless by turning the device off.
    Apache is the web interface of our devices so if you disable Apache you will not be able to access the web management console and would have to do any configuration by SSH at that point. It might be able to disable Apache if you really wanted to, but the device may just restart the service after disabling it as it is a main function of the device.
    I'm not sure about OpenSSL and PHP, but if you are concerned about the Heartbleed bug, it only affects the px4-400d and px4-400r. Please see the following release from Lenovo: OpenSSL Heartbleed security vulnerability
