Need Help with a Cisco IPS Upgrade Please

Panzer919

Let me start by saying that I know nothing about the Cisco IPS devices and don't really know that much about ASA's. All i have done with the ASA is setup ACL's, inside and outside nats and VPN's but that was just copying an existing config and modifying it. This issue is a little different.

I have to remove a Cisco IPS system and install an ASA IPS module and wanted to know if you can copy the configuration from the IPS system and paste it into the module once booted up into the ASA? Is there anything else I need to know before I load the configuration? Packages or software to load first perhaps?

I tried searching the forum but came up empty handed. I also searched online but apparently could not put in the correct search terms so I only got doc's on how to set it up from scratch.

I went on cisco's site and looked under the security/ips/ips module for asa section and downloaded the latest items so hopefully that is all I would need to do once I get this configuration problem straightened out.

Any help would be greatly appreciated.

Demiurge

The ASA IPS modules run the same code as the stand alone sensors so as long as the code version are the same there shouldn't be much to it. You may need to tweak the network settings a bit, but signatures and filters are exactly the same.

mikearama

Yeah, the config copy should be straight forward. The new part for you will be the process to tell the ASA what traffic to send to the IPS module. It's all MPF language for that deal... policy maps and class maps.

You can do some digging on how to config this on the ASA, or post back, and we can give you some pointers.

Panzer919

Thanks to everyone who replied.

On Saturday I copied and pasted the configs in over the weekend, updated the software and through ASDM sent traffic matching any any IP to the IP's so I'm hoping everything is set up correctly. I have not heard anything yet so that should be a good sign.