Contents
xli
Cisco ASA 5500 Series Configuration Guide using the CLI
Configuring Scanning Threat Detection 56-15
Information About Scanning Threat Detection 56-15
Guidelines and Limitations 56-16
Default Settings 56-16
Configuring Scanning Threat Detection 56-17
Monitoring Shunned Hosts, Attackers, and Targets 56-17
Feature History for Scanning Threat Detection 56-18
Configuration Examples for Threat Detection 56-19
CHAPTER
57 Using Protection Tools 57-1
Preventing IP Spoofing 57-1
Configuring the Fragment Size 57-2
Blocking Unwanted Connections 57-2
Configuring IP Audit for Basic IPS Support 57-3
Configuring IP Audit 57-3
IP Audit Signature List 57-4
PART
14 Configuring Modules
CHAPTER
58 Configuring the ASA IPS Module 58-1
Information About the ASA IPS module 58-1
How the ASA IPS module Works with the ASA 58-2
Operating Modes 58-2
Using Virtual Sensors (ASA 5510 and Higher) 58-3
Information About Management Access 58-4
Licensing Requirements for the ASA IPS module 58-5
Guidelines and Limitations 58-5
Default Settings 58-6
Configuring the ASA IPS module 58-6
Task Flow for the ASA IPS Module 58-7
Connecting Management Interface Cables 58-7
Sessioning to the Module from the ASA 58-9
Configuring Basic IPS Module Network Settings 58-10
(ASA 5510 and Higher) Configuring Basic Network Settings 58-10
(ASA 5505) Configuring Basic Network Settings 58-11
(ASA 5512-X through ASA 5555-X) Installing the Software Module 58-14
Configuring the Security Policy on the ASA IPS module 58-14
Assigning Virtual Sensors to a Security Context (ASA 5510 and Higher) 58-15