Cisco CCNP ISCW Exam Tutorial
Using Security Device Manager (SDM) To Configure IPS
By Chris Bryant, CCIE #12933
Whether you're studying for the CCNP ISCW exam or not, there's one thing we all need to get used to - Cisco GUI interfaces are here to stay!
Yeah, I know there's nothing like working at the command line! :) The CLI isn't going anywhere, and any network admin who wants to be Cisco certified had better remember that - but we do have some GUI interfaces that we need to be familiar with as well, and that's particularly true of the CCNP certification and Cisco's Security Device Manager (SDM).
All CCNP candidates should be familiar with SDM before taking the ISCW and/or ONT exams, and even though you will not see SDM on the current CCNA 640-802 exam or the CCENT certifications, it's a good idea for those certification candidates to be familiar with it as well. You never know when you'll bump into SDM when you're working with production networks!
This tutorial will concentrate on working with SDM to configure an Intrusion Prevention System (IPS) rule and apply it to an interface, a skill that will come in handy on your ISCW exam. Even if you're not working on that exam, though, take a few minutes to use the following SDM illustrations and get familiar with this application.
The first rule of SDM: "When in doubt, click the Configure button!" That's what I've done from SDM's Home page. The Configure screen has self-explanatory buttons down the left-hand side, and it opens to the Interfaces and Connections screen.
To configure IPS, select the Intrusion Prevention button.

The IPS section has two tabs, Create IPS and Edit IPS. Naturally, we need to create an IPS rule before we edit one! SDM gives a great explanation of what the IPS Rule Configuration Wizard does:

If SDEE isn't already enabled on the router, clicking Launch IPS Rule Wizard will prompt you as follows:
After clicking OK, we're brought to the IPS Policies Wizard, which also has a great self-explanation! (Of course, questions on the ISCW exam probably won't have such a great explanation provided - you'll have to be ready to provide one!)
After clicking Next, we're prompted to indicate the interfaces that will be IPS-enabled, and the direction in which the rule should be applied. We'll choose outbound on FastEthernet 0/1. (We can use the Edit IPS options to change this later.)

On the next screen, we'll indicate which Signature Definition File (SDF) to load, and where it should be loaded from.

If we list more than one file and location, the IOS will attempt to load them in the order in which we list them. I'll click Add to add a file, and choose only the 256MB.sdf file. Note that I could also indicate a URL.

After clicking OK, we're taken back to the main SDF location window, and you can see the one and only SDF file indicated is the 256MB.sdf file in Flash.

Also note the Use Built-In Signatures (as backup) option was enabled by default. Cisco documentation strongly suggests keeping this box checked.
Before delivering the config to the router, the Summary window does just that - it summarizes the configuration that we just created. However, it does not show the exact commands that will be delivered.

Before I started this lab, I checked the Preferences box in SDM to show the actual commands before delivering them to the router. As a result, the next window displays the IOS commands to be delivered.

There is an option to save the configuration after delivery, and this is not checked by default. (Personally, I always save the config at the actual router CLI, since I've gotten more than one delivery error when attempting to save the config through SDM.)
After clicking Deliver, you'll see the following window.

The blue bar above OK will scroll back and forth as the commands are delivered, and then go solid when the delivery is complete. For most configurations, this takes only seconds.
The Signature Compilation Status window then opens and confirms the microengines are ready for business!

After clicking Close, we're taken to the Edit IPS window. We'll pick up there in my next CCNP ISCW exam tutorial!
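The settings chosen in this walkthrough (an SDF location, SDEE notification, and a rule applied outbound on FastEthernet 0/1) can be confirmed from a saved copy of the running-config after delivery. The script below is an added example, not part of the original tutorial and not SDM output; the sample config is constructed, and the rule name `sdm_ips_rule` and the function names are assumptions.

```python
import re

# Constructed sample: IOS lines of the kind this wizard run would leave behind.
# The rule name "sdm_ips_rule" is an assumption, not taken from the page.
SAMPLE_CONFIG = """\
ip ips sdf location flash:256MB.sdf
ip ips notify SDEE
ip ips name sdm_ips_rule
!
interface FastEthernet0/0
!
interface FastEthernet0/1
 ip ips sdm_ips_rule out
!
"""

def audit_ips(config):
    """Collect the IPS settings found in an IOS running-config text."""
    result = {"sdf_locations": [], "sdee": False, "rules": set(), "applied": []}
    interface = None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):
            # Any non-indented line ends the previous interface block.
            m = re.match(r"interface (\S+)", line)
            interface = m.group(1) if m else None
        if m := re.match(r"ip ips sdf location (\S+)", line):
            result["sdf_locations"].append(m.group(1))  # listed order = load order
        elif re.match(r"ip ips notify sdee", line, re.I):
            result["sdee"] = True
        elif m := re.match(r"ip ips name (\S+)", line):
            result["rules"].add(m.group(1))
        elif interface and (m := re.match(r"ip ips (\S+) (in|out)$", line)):
            result["applied"].append((interface, m.group(1), m.group(2)))
    return result

def findings(config, interface, direction):
    """List what is missing for IPS to be active on interface/direction."""
    a = audit_ips(config)
    problems = []
    if not a["sdf_locations"]:
        problems.append("no SDF location configured")
    if not a["sdee"]:
        problems.append("SDEE notification not enabled")
    hits = [r for i, r, d in a["applied"] if i == interface and d == direction]
    if not hits:
        problems.append(f"no IPS rule applied {direction} on {interface}")
    problems += [f"rule {r} applied but not defined" for r in hits if r not in a["rules"]]
    return problems
```

Calling `findings(SAMPLE_CONFIG, "FastEthernet0/1", "out")` returns an empty list when everything the wizard was asked to configure is present.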
In the meantime, purchase your copy of my ISCW Study Package or The Ultimate CCNP Study Package Bundle, which covers all four CCNP exams, and be totally prepared for CCNP exam success! (There are more free tutorials at the bottom of the ISCW page!)
To your success,
Chris Bryant
CCIE #12933
chris@thebryantadvantage.com