
Chapter 9 Configuring Security Features
Configuring Cisco IOS IPS
Cisco IOS Intrusion Prevention System (IPS) technology is available on Cisco 819 ISRs and enhances perimeter firewall protection by taking appropriate action on packets and flows that violate the security policy or represent malicious network activity.
Cisco IOS IPS identifies attacks using “signatures” to detect patterns of misuse in network traffic. Cisco IOS IPS acts as an
• Sends an alarm
• Drops suspicious packets
• Resets the connection
• Denies traffic from the source IP address of the attacker for a specified amount of time
• Denies traffic on the connection for which the signature was seen for a specified amount of time
For additional information about configuring Cisco IOS IPS, see Securing the Data Plane Configuration Guide Library, Cisco IOS Release 12.4.
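The response actions listed above correspond to `event-action` keywords in the IOS IPS signature-category configuration. The following fragment is an added example, not taken from the original guide; the rule name `IOSIPS`, the directory `flash:ips`, and the interface `GigabitEthernet0` are assumptions, and it presumes the signature package and the Cisco signing key are already loaded on the router.

```cisco
! Added example: rule name, directory and interface are assumptions,
! not values from the configuration guide.
!
! Store signature definitions in flash and create an IPS rule.
ip ips config location flash:ips
ip ips name IOSIPS
! Report IPS events through syslog.
ip ips notify log
!
ip ips signature-category
 ! Retire all signatures first so only the chosen category is compiled
 ! into memory.
 category all
  retired true
 ! Enable the basic category and choose its response actions.
 category ios_ips basic
  retired false
  ! produce-alert          = send an alarm
  ! deny-packet-inline     = drop suspicious packets
  ! reset-tcp-connection   = reset the connection
  ! deny-attacker-inline   = deny traffic from the attacker's source IP
  ! deny-connection-inline = deny traffic on the offending connection
  ! All actions for the category go on a single line.
  event-action produce-alert deny-packet-inline reset-tcp-connection
  exit
 exit
!
! Inspect inbound traffic on the WAN-facing interface.
interface GigabitEthernet0
 ip ips IOSIPS in
```

Starting with `produce-alert` alone and adding the deny or reset actions after reviewing the alerts limits the chance of a false-positive signature dropping legitimate traffic.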
URL Filtering
Cisco 819 ISRs provide category-based URL filtering. The user provisions URL filtering on the ISR by selecting categories of websites to be permitted or blocked. An external server, maintained by a third party, is used to check for URLs in each category. Permit and deny policies are maintained on the ISR. The service is subscription-based, and the URLs in each category are maintained by the
For additional information about configuring URL filtering, see
Configuring VPN
A virtual private network (VPN) connection provides a secure connection between two networks over a public network such as the Internet. Cisco 819 ISRs support two types of
• Remote Access VPN
•
• Configuration Examples
• Configure a VPN over an IPSec Tunnel
• Create a Cisco Easy VPN Remote Configuration
• Configure a
Cisco 819 Series Integrated Services Routers Software Configuration Guide