35-23
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter3 5 Getting Started with IPS Configuration
Identifying an HTTP Proxy Server
Identifying an HTTP Proxy Server
If you configure global correlation on an IPS 7.0+ sensor, and your network requires the use of HTTP
proxies to connect to the Internet, you need to configure the HTTP Proxy policy to identify a proxy that
the IPS sensor can use. When downloading global correlation updates, the IPS sensor connects to the
update server using this proxy. The proxy must be able to resolve DNS names.
Tip If you do not use HTTP proxies, configure DNS servers so that the IPS sensor can resolve the address
of the update server. See Identifying DNS Servers, page35-22.
Note The AIP-SSC-5 service module does not support HTTP proxy servers.
Step 1 Do one of the following to open the HTTP Proxy policy:
(Device view) Select Platform > Device Admin > Server Access > HTTP Proxy from the Policy
selector.
(Policy view) Select IPS > Platform > Device Admin > Server Access > HTTP Proxy, then select
an existing policy or create a new one.
Step 2 Configure the following options:
Enable Proxy—Select this option to tell the device to connect through the configured proxy server.
IP Address—Enter the IP address of the proxy server, or the name of the network/host object that
contains the server’s IP address. Click Select to select a network/host object from a list or to create
a new one. The network/host object must contain a single host IP address.
Port—Enter the port number used for HTTP connections to the proxy server. The default is 80.
Configuring the External Product Interface
Use the External Product Interface policy to configure the way that Security Manager works with
Management Center for Cisco Security Agents (CSA MC).
In general, the external product interface is designed to receive and process information from external
security and management products. These external security and management products collect
information that can be used to automatically enhance the sensor configuration information.
Management Center for Cisco Security Agents is the only external product that can be configured to
communicate with the IPS. At most two Management Center for Cisco Security Agents servers can be
configured per IPS device.
Tip Management Center for Cisco Security Agents is no longer an active product. Configure this policy only
if you are still using that application. For more information, see About CSA MC in Installing and Using
Cisco Intrusion Prevention System Device Manager 6.0 and
http://www.cisco.com/en/US/products/sw/cscowork/ps5212/index.html.
Management Center for Cisco Security Agents enforces a security policy on network hosts. It has two
components: