Lab 11.1.10 Implement Intrusion Detection [WLOs: 1, 2, 3, 4, 5] [CLOs: 1, 2, 3]

 Explanation

In this lab, your task is to:

• Enable the IPS on the LAN and DMZ interface.
• Manually update the IPS signature using C:\signatures\sbips000018.bin
• Use the following credentials to configure the NSA to automatically update the signature in the future:
  • Username: mary.r.brown
  • Password: Upd@teN0w (0 is a zero)
• Set the IPS policies to detect and prevent all known threats.

Complete this lab as follows:

1. Enable IPS as follows:
   1. In the Security Appliance Configuration utility, select IPS.
   2. Under IPS Enable, select Enable IPS Protection for LAN.
   3. Select Enable IPS Protection for DMZ.
   4. Select Apply.
2. Update the IPS signature as follows:
   1. Under Manual Signature Updates, select Browse.
   2. Browse to and select C:\Signatures\SBIPS000018.bin.
   3. Select Open.
   4. Select Upload.
   5. Refresh the page to update the IPS Signatures status.
   6. Select Automatically Update Signatures.
   7. In the Cisco.com User Name field, enter mary.r.brown.
   8. In the Password field, enter Upd@teN0w (0 is a zero).
   9. Select Apply.
3. Configure IPS policies as follows:
   1. In the left menu, select IPS Policy.
   2. For each IPS Category, select Detect and Prevent.
   3. Select Apply.