Reviewing Configuration Files

Reviewing Configuration Files

1. From the Management Center of IDS Sensors page in Figure 10.9, select Configuration | Pending. The Pending configurations page appears, as shown in Figure 10.29.

   
   Figure 10.29: The Pending Configurations Page

2. Check the box associated with the sensor whose configuration is to be saved in the IDS Database.

3. Click Save to save the configuration in the IDS Database or click Delete to delete it.

Generating Configuration Files

To generate a configuration file is to take a file of sensor configuration settings that is stored in the IDS Database and prepare it for deployment to the sensor itself. Generating a configuration file starts with the Management Center of IDS Sensors page, shown in Figure 10.9.

1. From the Management Center of IDS Sensors page shown in Figure 10.9, select Deployment | Generate.

2. The Generate page appears, as shown in Figure 10.30. To generate a configuration file for a specific sensor, select that sensor from the tree and click Generate. Once the configuration file has been generated, it is now ready for the approval process.

   
   Figure 10.30: The Generate Page

Approving Configuration Files

CiscoWorks2000 allows for a separation of duties among user roles. This makes it possible to assign the approval of configuration files and other actions to a specific account. By separating various functions among different accounts, CiscoWorks2000 allows for a "checks-and-balance" system whereby administrators are able to verify configurations for network equipment. This is especially important in IDS because an error in the configuration file for an IDS sensor may result in the sensor not identifying an attack.

1. From the Management Center of IDS Sensors page in Figure 10.9, select Deployment | Approve.

2. The Approve page appears, as shown in Figure 10.31. To approve the configuration generated, check the corresponding box and click the Approve button.

   
   Figure 10.31: The Approve Page

3. To view a selected IDS configuration file before approving it, check the corresponding box to the right of the configuration file name and click the View button.

4. To delete an IDS configuration without approving it, check the corresponding box to the right of the configuration file name and select the Delete button.

Deploying Configuration Files

1. From the Management Center for IDS Sensors page, select Deployment | Deploy. Select Submit from the Table of Contents.

2. The Submit page appears, as shown in Figure 10.32. From the tree, check the box next to the sensor name where the configuration file is to be deployed.

   
   Figure 10.32: The Submit Page

3. The Select Configuration page appears. Select a sensor configuration by checking the corresponding box and click Next.

4. The Enter Job Properties page appears. Under Schedule Type, enter the name of the job from the Job Name field.

5. The job will deploy the configuration to the selected sensor. To start the job immediately, click the Immediate button. To schedule the job to execute at a later time, click the Scheduled radio button and select the desired options.

6. Click the Finish button.

7. The Submit page appears. To verify the scheduled job return to the Management Center for IDS Sensors page, as shown in Figure 10.9. Select Deployment | Deploy. From the Table of Contents, select Pending. The Pending jobs page appears, as shown in Figure 10.33. On this page, it is possible to edit a pending deployment or delete it by using the Edit and Delete buttons.

   
   Figure 10.33: The Pending Jobs Page