Configuring Cisco IOS IDS

To configure Cisco IOS IDS on a router and to have it report alarms to CiscoWorks Monitoring Center for Security, complete the following tasks:

Step 1.
Initialize Cisco IOS IDS on the router— This includes setting the notification type, the router's PostOffice parameters, Security Monitor's PostOffice parameters, the protected network definition, and the router's maximum queue size for holding alarms.
Step 2.
Configure, disable, or exclude signatures— This includes setting the spam attack threshold, disabling signatures globally, and excluding signatures by host or network.
Step 3.
Create and apply audit rules— This includes creating an audit rule for information or attack signatures and then applying it to an interface. ...

Get CCSP Self-Study: Securing Cisco IOS Networks (SECUR) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.