Verify the IPS configuration

This topic covers the commands that allow the administrator to verify that the configuration is correct. These include the show , clear , and debug commands.

show  Commands
To display IPS information such as configured sessions and signatures, use the show ip ips command in privileged EXEC mode . Use the show ip ips configuration command to display additional configuration information, including default values that may not be displayed using the show run command.

Use the show ip ips interface command to display the interface configuration.

clear  Commands
To disable Cisco IOS IPS, remove all intrusion detection configuration entries, and release dynamic resources, use the clear ip ips configuration command in EXEC mode .

Use the clear ip ips statistics to reset statistics on packets analyzed and alarms sent.

To clear SDEE events or subscriptions, use the clear ip sdee command in EXEC configuration mode.

debug  Commands
Many debug commands are available to troubleshoot and test Cisco IOS IPS configurations. Use the no form of the commands to disable debugging a given option. The available debug commands are listed in Figure .

More information about these commands can be found in the Command Reference.

Lab Activity

Lab Exercise: Configure a Router with the IOS Intrusion Prevention System

In this lab activity, students will learn how to initialize IPS on the router. Students will also disable and exclude signatures. Students will then create and apply audit rules. After the IPS configuration is complete, students will verify the IPS configuration on the router and generate a test message.