Cisco NGIPS
To integrate JSA Risk Manager with your network devices, ensure that you review the requirements for the Cisco Next-Generation Intrusion Prevention System (NGIPS) adapter.
The following features are available with the Cisco NGIPS adapter:
IPS
SSH connection protocol
Limitations:
Intrusion policies attached to individual access control rules are not used by JSA Risk Manager. Only the default intrusion policy is supported.
NAT and VPN are not supported.
The following table describes the integration requirements for the Cisco NGIPS adapter.
Integration requirement |
Description |
---|---|
Versions |
6.2.0 |
SNMP discovery |
No |
Required credential parameters To add credentials in JSA log in as an administrator and use Configuration Source Management on the Admin tab. |
Username Password |
Supported connection protocols To add protocols in JSA, log in as an administrator and use Configuration Source Management on the Admin tab. |
SSH |
Commands that the adapter requires to log in and collect data |
|
Commands that the adapter uses to read configuration information: To get hardware information. To get the system host name. To get routing information. Use the cat or head command to read files and get configurations. Read to get the base directory for the SNORT instance, which
is referenced as Read the IPS rules and objects. Read the SNORT configuration. Files are read in dynamically when they are referenced in the The adapter uses the find command is to search for IP reputation files in this directory. File that is read to get the database connection credentials. |
|