Cisco WS-X6381-IDS - Intrusion Detection System Module Manuale Utente Scaricare il pdf (Pagina 3)

Parameter Value

Director’s heart beat interval Keep the default setting of 5

Director’s organization name podP (where P = pod number)

Director’s organization id P (where P = pod number)

Note The IDSM command and control port is assigned the Sensor’s settings.

Step 6 After entering and reviewing all communication parameters enter yes when

prompted to apply this configuration. If you made any mistakes, enter no and re-

run the setup command.

Note The IDSM will reset after you accept and apply the configuration. You will be

logged out and returned to the switch prompt.

Task 2—Configure the switch for ID analysis

Perform the following lab steps to configure the switch for Intrusion Detection

analysis using the VLAN ACL (VACL) feature. Follow the convention where

P=pod number and PVLAN=300 + P. For example, student pod 3 would have

PVLAN= 303. Your instructor will assign your Module number, M.

Step 1 Go into privileged mode:

switch> enable

Password: cisco

switch>(enable)

Step 2 Verify your IDS module status is ok. Do NOT continue until the module status is

ok.

switch>(enable) show module M

switch> (enable) show module 3

Mod Slot Ports Module-Type Model Sub Status

3 3 2 Intrusion Detection System WS-X6381-IDS no ok

Step 3 Set the command and control port to the VLAN that can communicate with

CSPM:

switch>(enable) set vlan PVLAN M/2

(where PVLAN = 300 + pod number, and M=module number assigned)

Note You will receive an error if you attempt to add the command and control interface

to a VLAN if the module status is not ok.

Step 4 Create the VACL to capture all IP traffic destined to your VLAN:

switch#(enable) set security acl ip SPAN_PVLAN permit ip any any capture

(where PVLAN = 300 + pod number)

Step 5 Commit the VACL to NVRAM:

1 2 3 4 5 6 7 8

Nessun commento

Cisco WS-X6381-IDS - Intrusion Detection System Module Manuale Utente Pagina 3