Manuals / Cisco Systems / Computer Equipment / Network Router

Cisco Systems RVS4000RF manual IPS Configuration, Anomaly Detection

Models: RVS4000RF

1 195

Download 195 pages 32.44 Kb

Page 82

Setting Up and Configuring the Router	5
Setting Up and Configuring the Router
IPS

IPS

IPS > Configuration

IPS > Configuration

IPS Function Select Enable to enable or Disable to disable the IPS Function.

Anomaly Detection

HTTP Web attack signature is matched. HTTP request decoder decodes UTF-8 (1, 2, and 3 byte) code and normalize URI (according to those evasion methods mentioned in whisker) before pattern match.

FTP FTP Bounce Detection and Inserting telnet opcodes into FTP command stream Detection.

TELNET Normalization of Telnet negotiation strings.

RPC RPC record fragging detection.

Signature Update Before upgrading the signature file, get the Router Intrusion Prevention System (IPS) file from the Cisco website. To find the file, go to www.cisco.com/go/software (registration/login required), and search for RVS4000. After downloading and extracting the file, enter the IPS Signature file name in the Signature Update field, or click Browse to find the file. Then click Update and follow the on-screen instructions.

Cisco RVS4000 Security Router with VPN Administrator Guide

82

Image 82

Cisco Systems RVS4000RF manual IPS Configuration, Anomaly Detection

Contents

Administration Guide Cisco Systems, Inc. All rights reserved OL-22605-02 Planning Your Virtual Private Network VPN Setting Up and Configuring the RouterIntroduction Networking and Security Basics Getting Started with the RVS4000 RouterVPN Using the VPN Setup Wizard Appendix a Troubleshooting 116Appendix D Gateway-to-Gateway VPN Tunnel 166 Appendix E Cisco ProtectLink Web Service 182Appendix F Specifications 190 Windows 2000 or Windows XP RVS4000Appendix G Where to Go From Here 194 Introduction Networking and Security Basics An Introduction to LANsUse of IP Addresses Configuring the RouterNetworking and Security Basics Intrusion Prevention System IPS IPS Scenarios Why do I need a VPN? Why do I need a VPN?, What is a VPN?,Man in the middle attacks MAC Address SpoofingData Sniffing Planning Your Virtual Private Network VPNWhat is a VPN? VPN Router to VPN Router VPN Router to VPN RouterComputer to VPN Router Tunnel Front Panel Front PanelGetting Started with the RVS4000 Router Back PanelBack Panel Desktop Option Placement OptionsStand Option Wall Option Installing the Router Configuring the Router Setting Up and Configuring the Router Setting Up and Configuring the Router Setup Summary SetupLogin Window System Information Setup SummaryPort Statistics IPSec VPN Setting Status Network Setting StatusFirewall Setting Status Log Setting StatusAutomatic Configuration Dhcp Setup WANInternet Connection Type Static IP Static IPPPPoE PPPoEPptp Heart Beat Signal Heart Beat SignalL2TP Setting Up and Configuring the Router Optional Settings Required by some ISPs Optional SettingsClick Save Setup LAN Setup LANServer Settings Dhcp IPv4IPv6 Setup DMZStatic IP Mapping DHCPv6Setup DMZ Setup MAC Address CloneSetup MAC Address Clone Setup Advanced Routing Setup Advanced RoutingOperating Mode Dynamic RoutingStatic Routing Inter-VLAN RoutingSetup Time Setup TimeEnable option Setup IP Mode Setup IP ModeFirewall Basic Settings Firewall Basic SettingsFirewall Setting Up and Configuring the Router Firewall IP Based ACL Firewall IP Based ACLEditing IP ACL Rules Editing IP ACL RulesSetting Up and Configuring the Router Firewall Internet Access Policy Firewall Internet Access PolicyInternet Policy Summary List of PCs Setting Up and Configuring the Router Firewall Single Port Forwarding Firewall Single Port ForwardingFirewall Port Range Forwarding Firewall Port Range ForwardingFirewall Port Range Triggering Firewall Port Range TriggeringProtectLink ProtectLink Purchase ProtectLinkProtectLink ProtectLink Purchase Tunnel Status VPN SummaryVPN Summary VPN Clients Status VPN IPSec VPN VPN IPSec VPNRemote Group Setup Local Group SetupName Fqdn Authentication IPSec Setup PhaseStatus VPN VPN Client Accounts VPN VPN Client AccountsVPN Client List Table Certificate ManagementVPN VPN Passthrough VPN VPN PassthroughQoS Bandwidth Management QoSQoS Bandwidth Management Rate Control Bandwidth Management Type BandwidthRate Control Priority QoS Bandwidth Management PriorityCoS Setup QoS QoS SetupQoS QoS Setup QoS Dscp Setup QoS Dscp SetupRouter Access AdministrationAdministration Management Administration ManagementUPnP Administration Log Administration LogLog Setting Log Levels Severity Name DescriptionEmail Alerts Syslog Administration DiagnosticsAdministration Diagnostics Local LogPing Test Parameters Cable DiagnosticsTraceroute Test Parameters Restore Configuration Administration Backup & RestoreAdministration Backup & Restore Administration Factory Default Administration Factory DefaultAdministration Reboot Administration RebootAdministration Firmware Upgrade Administration Firmware UpgradeClick Start to Upgrade Click the Small Business Router Firmware linkIPS Configuration IPS ConfigurationAnomaly Detection Instant Messenger Peer to PeerPeer To Peer Attacker IPS ReportAttack Category IPS Report IPS Information L2 SwitchL2 Switch Create Vlan IPS InformationL2 Switch Create Vlan Delete Selected VlanL2 Switch Vlan Port Setting L2 Switch Vlan Port SettingL2 Switch Vlan Membership L2 Switch Vlan MembershipL2 Switch Radius L2 Switch RadiusL2 Switch Port Setting L2 Switch Port SettingL2 Switch Statistics L2 Switch StatisticsStatistics Overview L2 Switch Port Mirroring L2 Switch Port MirroringL2 Switch Rstp L2 Switch RstpInternet Connection StatusStatus Gateway Status GatewayIP Conntrack Status Gateway IP ConntrackStatus Local Network Status Local NetworkVPN Setup Wizard Before You BeginClick Firewall Basic Settings Running the VPN Setup WizardUsing the VPN Setup Wizard \VPN Setup Wizard.exeWelcome Window Informational Window Build VPN Connection Remotely Configure VPN Tunnel Check Router Configuration Summary Window Vpnc Summary WindowConfigure the Router Test the Connection Exit the Wizard Test ResultsBuilding Your VPN Connection Remotely Configure VPN Tunnel Window Check Router Configuration Summary Window Configure the Router Test the Connection View Test Results Troubleshooting Need to set a static IP address on a PCTroubleshooting Windows XPWant to test my Internet connection Windows XPTroubleshooting Troubleshooting Need to set up a server behind my router Application Start and End Protocol IP Address EnableConfigure as many entries as you like Go to Setup DMZ Can’t get an Internet game, server, or application to workFirmware upgrade failed To start over, I need to set the router to factory defaultNeed to upgrade the firmware Follow the instructions in Administration Firmware Upgrade,My DSL service’s PPPoE is always disconnecting Click the Router Firmware Rescue Utility linkNeed to use port triggering Troubleshooting Is IPSec Passthrough supported by the router? Frequently Asked QuestionsWhere is the router installed on the network? Does the router support IPX or AppleTalk?What is Network Address Translation and what is it used for? Does the router support ICQ send file?How can I be notified of new router firmware upgrades? If all else fails in the installation, what can I do?How can I block corrupted FTP downloads? Is the router cross-platform compatible? What is DMZ Hosting?Will the router function in a Macintosh environment? How many ports can be simultaneously forwarded?How can I check whether I have static or Dhcp IP addresses? Which modems are compatible with the router?How do I get mIRC to work with the router? Overview Click the VPN VPN Client AccountsClick Add/Save Using Cisco QuickVPN for Windows 2000, XP, or VistaVPN Client Accounts Window Installing from the CD-ROM Installing the Cisco QuickVPN SoftwareLicense Agreement Copying Files Finished Installing Files Using the Cisco QuickVPN Software Downloading and Installing from the InternetQuickVPN Login QuickVPN Status Connect Virtual Private Connection Distributing Certificates to QuickVPN UsersSelect VPN VPN Client Accounts \Program Files\Cisco\QuickVPN Client\ Configuring IPSec with a Windows 2000 or XP Computer IntroductionEnvironment How to Establish a Secure IPSec TunnelConfiguring IPSec with a Windows 2000 or XP Computer Windows 2000 or Windows XPLocal Security Settings Establishing a Secure IPSec TunnelFilter List 1 win router Rules TabIP Filter List Tab IP Filter ListFilters Properties Filter List 2 router win New Rules PropertiesConfiguring IPSec with a Windows 2000 or XP Computer New Rule Properties Tunnel 1 win-Router Filter Action Tab Security Methods Tab Authentication Methods Tab Preshared KeyTunnel Setting Tab New Preshared KeyTunnel 2 Router-win Connection Type TabProperties Window Filter Action Tab Preshared Key New Preshared Key Connection Type Tab Local Computer Click VPN IPSec VPN VPN IPSec VPN Configuring IPSec with a Windows 2000 or XP Computer Gateway-to-Gateway VPN Tunnel Gateway-to-Gateway VPN Tunnel RVS4000 IPSec VPN Settings RVS4000 IPSec Setup Settings Click the Gateway to Gateway tabRV082 VPN Settings RV082 IPSec Setup Settings Click VPN IPSec VPN RVS4000 IPSec VPN Settings RVS4000 IPSec Setup Settings RV082 VPN Settings RV082 IPSec Setup Settings Configuration When Both Gateways Use Dynamic IP Addresses RVS4000 IPSec VPN Settings RVS4000 IPSec Setup Settings RV082 VPN Settings RV082 IPSec Setup Settings Cisco ProtectLink Web Service How to Access the Configuration UtilityCisco ProtectLink Web Service How to Purchase, Register, or Activate the ServiceProtectLink ProtectLink Inactive ProtectLink Web Protection How to Use the ServiceProtectLink Active ProtectLink Web Protection Web Protection FriApproved URLs License ProtectLink LicenseProtectLink License Setup/Config SpecificationsPerformance Management Security FeaturesSpecifications QoSRouting NetworkLayer Environmental Product Documentation Product ResourcesSupport Cisco Small BusinessWhere to Go From Here Related Documentation