Which two protocols enable Cisco Configuration Professional to pull IPS alerts from a Cisco ISR router? (Choose two.)
A . syslog
B . SDEE
C . FTP
D . TFTP
E . SSH
F . HTTPS
Answer: B,F
Explanation:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/prod_white_paper090 0aecd805c4ea8.html
Step 4: Enabling IOS IPS
The fourth step is to configure IOS IPS using the following sequence of steps:
Step 4.1: Create a rule name (This will be used on an interface to enable IPS)
ip ips name <rule name>< optional ACL>
router#configure terminal router(config)# ip ips name iosips
You can specify an optional extended or standard access control list (ACL) to filter the traffic that will be scanned by this rule name. All traffic that is permitted by the ACL is subject to inspection by the IPS. Traffic that is denied by the ACL is not inspected by the IPS.
router(config)#ip ips name ips list?
<1-199> Numbered access list
WORD Named access list
Step 4.2: Configure IPS signature storage location, this is the directory `ips’ created in Step 2 ip ips config location flash:<directory name>
router(config)#ip ips config location flash:ips
Step 4.3: Enable IPS SDEE event notification
ip ips notify sdee router(config)#ip ips notify sdee
To use SDEE, the HTTP server must be enabled (via the `ip http server’ command). If the HTTP server is not enabled, the router cannot respond to the SDEE clients because it cannot see the requests. SDEE notification is disabled by default and must be explicitly enabled.
Leave a Reply