Monday, November 2, 2009

ips

Cisco IOS Intrusion Prevention System (IPS)

Intrusion Prevention replaces the detection-only Intrusion Detection System (IDS) from previous IOS versions. IDS in IOS was certainly nice (you get alerted when an attack is occurring), but obviously, stopping an attack is much more powerful.

IPS 6.X Device Manager
------------------------
I. Device Manager

a. Intro

i. IDM lives on the sensor and gives you a GUI option for managing the device
ii. TLS/SSL

1. used to secure communications



IPS 6.X Command Line Interface
-------------------------------

I. IPS CLI

a. Overview

i. Accessing

1. SSH

2. Serial interface (console)

3. Telnet (disabled by default)




CCIE Security 2.X Verification Commands
=======================================

This is obviously a very short list. Remember, we recommend use of the Cisco Intrusion Prevention System Device Manager (IDM) for management and configuration of the device during the lab exam. While this graphical user interface (GUI) will be used for most tasks, there are still some useful and quick command line verification tasks for you here.

IPS CLI 5.1

Initial Setup

more current-config
more current-config | include COMMAND
ping
show interfaces
show version
trace

Operation

show events
show os-identification
show settings
show settings terse | begin COMMAND
show statistics
show statistics SERVICE_NAME