Communications; Idapi; Rdep2; Idiom - Cisco 4215 - Intrusion Detection Sys Sensor Configuration Manual

Appendix A System Architecture
Case Sensitivity
•
Display Options
•
•

Communications

This section describes the communications protocols used by IPS 5.0. It contains the following topics:
•
•
•
•
•
•

IDAPI

IPS applications use an interprocess communication API called IDAPI to handle internal
communications. IDAPI reads and writes event data and provides a mechanism for control transactions.
IDAPI is the interface through which all the applications communicate.
SensorApp captures and analyzes the network traffic on its interfaces. When a signature is matched,
SensorApp generates an alert, which is stored in the Event Store. If the signature is configured to perform
the blocking response action, SensorApp generates a block event, which is also stored in the Event Store.
Figure A-5
Figure A-5
SensorApp
78-16527-01
The CLI is not case sensitive, but it does echo back the text in the same case you typed it. For
example, if you type:
sensor# CONF
and press Tab, the sensor displays:
sensor# CONFigure
is an interactive prompt that indicates that the terminal output exceeds the allotted display
—More—
space. To display the remaining output, press the spacebar to display the next page of output or
press Enter to display the output one line at a time.
To clear the current line contents and return to a blank command line, press Ctrl-C.
IDAPI, page A-31
RDEP2, page A-32
IDIOM, page A-34
IDCONF, page A-34
SDEE, page A-35
CIDEE, page A-35
illustrates the IDAPI interface.
IDAPI
Alert
IDAPI
Block
request
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 5.0
Alert
Event Store
Block
request
Communications
A-31