Driver Support Document

Cisco Intrusion Prevention System (IPS) firewalls, OS Version 7.x

Show Tested Devices Grid

SYSOID Mapping
SYSOID MODEL OS VERSION
 1.3.6.1.4.1.9.1.648 4240-DC-K9 7.0(8)E4, 7.1(7)E4
 1.3.6.1.4.1.9.1.653 WS-SVC-IDSM2 7.0(8)E4
 1.3.6.1.4.1.9.1.655 ASA-SSM-20 7.1(6)
 1.3.6.1.4.1.9.1.662 ASA-SSM-10 7.9(8)E4
 1.3.6.1.4.1.9.1.743 IPS-4260-K9 7.1(4)E4
 1.3.6.1.4.1.9.1.830 IPS4270-20-K9 7.1(6)E4
 1.3.6.1.4.1.9.1.1200 ASA5585-SSP-40 7.1(8)E4
 1.3.6.1.4.1.9.1.1232 ASA5585-SSP-IPS10 7.1(6)E4
 1.3.6.1.4.1.9.1.1233 ASA5585-SSP-IPS20 7.1(6)E4
 1.3.6.1.4.1.9.1.1408 ASA5525-X 7.1(8)E4
 1.3.6.1.4.1.9.1.1420 ASA5515-X 7.1(4)E4, 7.1(8)E4
 1.3.6.1.4.1.9.1.1445 ASA5545-X 7.1(8)E4
 1.3.6.1.4.1.9.1.1450 ASA5545-X 7.1(8)E4
 1.3.6.1.4.1.9.1.1543 IPS4510-INC-K9 7.2(2)E4
 1.3.6.1.4.1.9.1.1545 ASA5512-IPS 7.1(4)E4
 1.3.6.1.4.1.9.1.1549 ASA5555-IPS 7.1(4)E4

Driver Features Support Grid

Driver FeaturesAccess Methods
(X signifies feature support)CLISNMPTFTPCLI+TFTPSNMP+TFTPFTPCLI+FTPSNMP+FTPCLI+SFTPSCPCLI+SCPSNMP+SCPHTTP/HTTPS
X Driver Discovery release notes X                        
X General Access release notes
(CLI protocols: telnet, ssh2, console)
Supports SecurID 		X                        
Configuration
X Retrieve Running Configuration   X                        
  Retrieve Startup Configuration                            
  Retrieve Binary Configuration                            
X Device information parsing  
X Enhanced Layer2 Basic IP information parsing  
  Configuration Deployment to Running                            
  Configuration Deployment to Startup                            
  Binary Configuration Deployment                            
Diagnostics
  Routing Table                            
  OSPF Neighbors                            
X Interfaces   X                        
X Modules and Inventory   X                        
  Flash Storage Space                            
  File System                            
X Uptime   X X                      
X ICMP Test   X                        
  Topology Parsing                            
X Duplex Parsing   X                        
  Enhanced VLAN Parsing  
Features
  Software Center                            
  Software Image Synchronization                            
X Password Management  
(Can modify: full username, full password, read-only community strings, read/write community strings) 		X                        
  Syslog Configuration and Change Detection                              
X Custom Scripts and Diagnostics  
Bulk deploy available 		X                        
  ACL Parsing  
  ACL Provisioning                            
  VLAN Provisioning                            
X Configlet Parsing  
X QoS Parsing  
  VRF Parsing  
  Context Management                            

General Access

Release Notes

Extra support for drivers that use HTTP

This note applies only for drivers that use HTTP requests for driver functions. HTTP proxy operations are supported by setting the device access variable "http_proxy" to "ip:port", replacing with the IP and port values of the proxy server. SNI-requiring devices (e.g CloudGenix & Cisco Meraki) can be supported by using the device access variable "alternate_host" to contain the DNS name of the host. The host name will be used rather than the normal management IP address for all HTTP requests, effectively supporting SNI.

return to top

Driver Discovery

Release Notes

More prompt causes an unexpected disconnection

Discovery tasks for Javascript drivers handle More prompts by using timeouts, which can cause problems with the third-party SSH client code, which interprets the timeout as a disconnection. There are two options to work around the problem. Setting the RCX option [<option name="Driver/Discovery/UsePollRead">true</option>] in site_options.rcx will effect the workaround for all affected devices. Alternatively, it could be applied to a single device by setting the device access variable "PollRead" to "true".

Wakeup Ctrl-U character can cause discovery to fail

Discovery tasks for Javascript drivers use wakeup characters are sent during device connection, to ensure that the device is responding. Normally, these characters do not echo to the console, but some devices may echo them. In this case, this causes the prompt detection phase to fail, which in turn can cause More prompts to not be handled properly, and discovery may fail. If these characters are echoed from the device [check the session log to see this], then set the device access variable "skip_ctrl_u" to skip the sending of the wakeup characters. Note that setting this option on a previously working device could cause discovery tasks to fail, but it only affects CLI discovery. SNMP discovery is unaffected.

return to top