User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 42 Configuring Attack Response Controller for Blocking and Rate Limiting
Blocking Page
Table 42-2 General Tab, IPS Blocking Policy (Continued)

| Element | Description |
| --- | --- |
| Max Blocks | The maximum number of entries to block. The range is 1 to 65535. The default is 250. |
| Max Interfaces | The maximum number of interfaces for performing blocks. For example, a PIX 500 series security appliance counts as one interface. A router with one interface counts as one, but a router with two interfaces counts as two. The maximum number of interfaces is 250 per device. The default is 250. You use Max Interfaces to set an upper limit on the number of devices and interfaces that ARC can manage. The total number of blocking devices (not including master blocking sensors) cannot exceed this value. The total number of blocking items also cannot exceed this value, where a blocking item is one security appliance context, one router blocking interface/direction, or one Catalyst Software switch blocking VLAN. Note: In addition, the following maximum limits are fixed and you cannot change them: 100 interfaces per device, 250 security appliances, 250 routers, 250 Catalyst Software switches, and 100 master blocking sensors. |
| Max Rate Limits | The maximum number of rate limit entries. The maximum rate limit must be equal to or less than the maximum blocking entries. The range is 1 to 32767. The default value is 250. |

User Profile Dialog Box

Use the Add or Modify User Profile dialog box to add or modify a user profile for an IPS blocking device. The profile defines a username and passwords that the IPS device can use to log into and configure the router, switch, or firewall that will implement IPS blocking.

Although you can save a profile that has a profile name only, the requirements for username, password, and enable password are determined by the device. You must specify the items required by the device to enter configuration mode, or the IPS cannot configure blocking on the device.

Navigation Path

From the IPS Blocking policy, select the User Profiles tab and click the Add Row button or select an existing sensor and click the Edit Row button. For information on opening the Blocking policy, see Blocking Page, page 42-8.

Field Reference

Table 42-3 User Profile Dialog Box

| Element | Description |
| --- | --- |
| Profile Name | The name of the profile, up to 64 alphanumeric characters. |
| Username | The username to use when logging into the blocking device. |
| Password | The login password for the username, if required. |