User Guide for Cisco Security Manager 4.4 (OL-28826-01)
Chapter 42: Configuring Attack Response Controller for Blocking and Rate Limiting
You can configure an IPS device to implement blocks or rate limits to control attacks. Blocking and rate
limiting are primarily useful when the IPS operates in promiscuous mode, where it only sees a copy of the
traffic and cannot drop packets itself. When the IPS operates in inline mode, it is far more efficient to
have the IPS drop the traffic directly. Blocking and rate limiting are actions that other devices implement
at the request of the IPS; configuring them is therefore more involved than configuring simple inline denies.
To configure blocking or rate limiting, you must identify the network device that performs the blocking.
A network device that performs blocking is called a blocking device. Many network devices can be used
to support blocking: Cisco IOS routers and Catalyst 6500 switches, Cisco security appliances (ASA,
PIX, and FWSM), and Catalyst 6500/7600 devices running the Catalyst operating system. You can also
configure another IPS device to act as a master blocking sensor.
Note IPS blocking and rate limiting work only on IPS appliances and service modules. You cannot configure
them for Cisco IOS IPS.
This chapter contains the following topics:
Understanding IPS Blocking, page 42-1
Configuring IPS Blocking and Rate Limiting, page 42-7
Blocking Page, page 42-8
Understanding IPS Blocking
The Attack Response Controller (ARC) component of the IPS is responsible for managing network
devices in response to suspicious events by blocking access from attacking hosts and networks. ARC
blocks the attacking IP address on every device it manages. It sends the same block to all of those
devices, including any other master blocking sensors, which in turn relay it to the devices they manage.
ARC tracks the duration of each block and removes the block from the devices after that time has expired.
Note ARC is formerly known as Network Access Controller. Although the name has been changed, the IPS
documentation and configuration interfaces contain references to Network Access Controller, nac, and
network-access.
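The block lifecycle described above (one block pushed to every managed device, relayed through a master blocking sensor, and withdrawn when its timer expires) can be modelled in a few classes. The following is an added example written for this chapter; it is not Cisco code and does not contact any device. The device names, the ACL name IPS_BLOCK_ACL, the attacker address 192.0.2.10 and the fake clock are constructed for the demonstration, and the `shun` and ACL command strings only illustrate the form of what a blocking device receives, not the exact commands ARC generates.

```python
# Added example (not Cisco code): simplified model of the ARC block lifecycle.
# Device names, ACL name, attacker address and the clock are constructed.
import ipaddress


class BlockingDevice:
    """A network device that ARC manages. Subclasses render the block/unblock
    commands ARC would push; here they are only recorded in `sent`."""

    def __init__(self, name):
        self.name = name
        self.blocked = set()   # hosts currently blocked on this device
        self.sent = []         # command strings "pushed" to the device

    def block_cmd(self, host):
        raise NotImplementedError

    def unblock_cmd(self, host):
        raise NotImplementedError

    def block(self, host):
        if host not in self.blocked:        # idempotent: one entry per host
            self.blocked.add(host)
            self.sent.append(self.block_cmd(host))

    def unblock(self, host):
        if host in self.blocked:
            self.blocked.discard(host)
            self.sent.append(self.unblock_cmd(host))


class AsaDevice(BlockingDevice):
    """ASA/PIX/FWSM security appliance: blocks a source host with `shun`."""

    def block_cmd(self, host):
        return f"shun {host}"

    def unblock_cmd(self, host):
        return f"no shun {host}"


class IosRouterDevice(BlockingDevice):
    """Cisco IOS router: blocks with a deny entry in an ACL on the managed
    interface. The ACL name is a placeholder, not ARC's real naming scheme."""

    def __init__(self, name, acl="IPS_BLOCK_ACL"):
        super().__init__(name)
        self.acl = acl

    def block_cmd(self, host):
        return f"ip access-list extended {self.acl} ; deny ip host {host} any"

    def unblock_cmd(self, host):
        return f"ip access-list extended {self.acl} ; no deny ip host {host} any"


class MasterBlockingSensor(BlockingDevice):
    """Another IPS acting as master blocking sensor: it receives the same
    block and relays it to every device it manages itself."""

    def __init__(self, name, devices):
        super().__init__(name)
        self.devices = devices

    def block(self, host):
        super().block(host)
        for dev in self.devices:
            dev.block(host)

    def unblock(self, host):
        super().unblock(host)
        for dev in self.devices:
            dev.unblock(host)

    def block_cmd(self, host):
        return f"forward block {host}"

    def unblock_cmd(self, host):
        return f"forward unblock {host}"


class Arc:
    """Attack Response Controller: issues the same block to every managed
    device, remembers the expiry, and removes the block when time is up."""

    def __init__(self, devices, clock):
        self.devices = devices
        self.clock = clock      # callable returning seconds; injected for determinism
        self.expiry = {}        # host -> absolute expiry time

    def block_host(self, host, duration_s):
        host = str(ipaddress.ip_address(host))   # reject garbage before it reaches a device
        new_expiry = self.clock() + duration_s
        if host in self.expiry:
            # a repeat event extends the existing block instead of re-pushing it
            self.expiry[host] = max(self.expiry[host], new_expiry)
            return
        self.expiry[host] = new_expiry
        for dev in self.devices:
            dev.block(host)

    def expire_blocks(self):
        """Remove every block whose time has passed; returns the hosts released."""
        now = self.clock()
        released = [h for h, t in self.expiry.items() if t <= now]
        for host in released:
            for dev in self.devices:
                dev.unblock(host)
            del self.expiry[host]
        return released


class FakeClock:
    """Constructed clock so the lifecycle can be stepped without sleeping."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def demo():
    """Walk one block through its lifecycle; returns state snapshots for checking."""
    clock = FakeClock()
    asa = AsaDevice("asa-edge")
    router = IosRouterDevice("ios-wan")
    downstream = AsaDevice("asa-dmz")
    master = MasterBlockingSensor("ips-master", [downstream])
    arc = Arc([asa, router, master], clock)

    arc.block_host("192.0.2.10", duration_s=30)   # constructed attacker (TEST-NET-1)
    arc.block_host("192.0.2.10", duration_s=60)   # repeat event: extend, do not re-push
    clock.advance(45)
    released_early = arc.expire_blocks()          # still inside the extended window
    clock.advance(20)
    released_late = arc.expire_blocks()           # 65 s elapsed > 60 s: lifted everywhere
    return {
        "asa_sent": asa.sent,
        "router_sent": router.sent,
        "downstream_sent": downstream.sent,
        "released_early": released_early,
        "released_late": released_late,
        "still_blocked": sorted(asa.blocked | router.blocked | downstream.blocked),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Two design points carry over to a real deployment: the device receives exactly one block per host no matter how many events fire (a repeat event only extends the timer), and the removal is pushed to the same set of devices, including those reached only through the master blocking sensor, so a block never outlives its configured duration on a downstream device.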