Filter
Top Products
35-25
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 35 Getting Started with IPS Configuration
Configuring the External Product Interface
Interface Type Identifies the physical interface type, which is always Extended SDEE.
Enable receipt of information Whether information is allowed to be passed from the external product
to the sensor.
SDEE URL The URL on the CSA MC the IPS uses to retrieve information using
SDEE communication. You must configure the URL based on the
software version of the CSA MC that the IPS is communicating with as
follows:
• For CSA MC version 5.0—/csamc50/sdee-server.
• For CSA MC version 5.1—/csamc51/sdee-server.
• For CSA MC version 5.2 and higher—/csamc/sdee-server (the
default value).
Port The port, or the port list object that identifies the port, being used for
communications. Enter the port or port list name, or click Select to
select the object from a list or to create a new object.
User name
Password
A username and password that can log into the external product.
Enable receipt of host
postures
Whether to allow the receipt of host posture information from CSA
MC. The host posture information received from a CSA MC is deleted
if you disable this option.
Allow unreachable hosts’
postures
Whether to allow the receipt of host posture information for hosts that
are not reachable by the CSA MC.
A host is not reachable if the CSA MC cannot establish a connection
with the host on any IP addresses in the host’s posture. This option is
useful in filtering the postures whose IP addresses may not be visible
to the IPS sensor or that might be duplicated across the network. This
filter is most applicable in network topologies where hosts that are not
reachable by the CSA MC are also not reachable by the IPS, for
example if the IPS and CSA MC are on the same network segment.
Posture ACL table Posture ACLs are network addresses for which host postures are
allowed or denied. Use posture ACLs to filter postures that have IP
addresses that might not be visible to the IPS or that might be
duplicated across the network.
• To add a posture ACL, click the Add Row (+) button. This opens
the Add Posture ACL dialog box. For information on configuring
the Posture ACL, see Posture ACL Dialog Box, page 35-26.
• To edit a posture ACL, select it and click the Edit Row (pencil)
button.
• To delete a posture ACL, select it and click the Delete Row (trash
can) button.
• To change the priority of an ACL, select it and click the Up or
Down button. ACLs are processed in order, and the action
associated with the first match is applied.
Table 35-6 External Product Interface Dialog Box (Continued)
Element Description