36-6
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 36 Managing IPS Device Interfaces
Configuring Interfaces
Configuring Interfaces
Use the Interfaces policy for IPS appliances and service modules to configure the interface settings for
the device. The following topics explain how to configure the various types of settings. These topics do
not apply to Cisco IOS IPS devices, which use the standard router interface policies.
Understanding the IPS Interfaces Policy, page36-6
Configuring Physical Interfaces, page 36-10
Configuring Bypass Mode, page 36-12
Configuring CDP Mode, page 36-13
Configuring Inline Interface Pairs, page 36-13
Configuring Inline VLAN Pairs, page 36-14
Configuring VLAN Groups, page 36-15
Viewing a Summary of IPS Interface Configuration, page36-8

Understanding the IPS Interfaces Policy

Use the Interfaces policy to configure the physical interfaces, inline pairs, VLAN pairs, and VLAN
groups on IPS appliances and service modules. This policy does not apply to Cisco IOS IPS devices.
You can configure any single physical interface to run in promiscuous mode, inline pair mode, inline
VLAN pair mode, promiscuous VLAN group, or inline VLAN group, but you cannot configure an
interface in a combination of these modes.
Tip The contents of this policy differ depending on the device type and IPS software version. For example,
some devices display the physical interfaces tab only; creating the other types of configurations is not
supported. If a tab or option described below does not appear on the policy you are configuring, it does
not apply to the device.
Navigation Path
(Device view only) Select IPS > Interfaces from the Policy selector.
Related Topics
Understanding Interfaces, page 36-1
Understanding Interface Modes, page 36-2
Discovering Policies on Devices Already in Security Manager, page5-15