https://community.cisco.com/t5/network-security/ids-with-pix-515e/m-p/675662#M88112 <HTML><HEAD></HEAD><BODY><P>BTW, the license upgrade from Restricted to UnRestricted is meant for the following (not for IDS/IPS):</P><P></P><P>- Maximum number of physical and virtual interfaces supported</P><P>- Maximum number of concurrent firewall and VPN connections supported</P><P>- Maximum amount of RAM included</P><P>- Maximum VPN performance via integrated hardware VPN acceleration (Cisco VPN Accelerator or Cisco VPN Accelerator+)</P><P>- Active/Active stateful failover support (requires similar Cisco PIX Security Appliance model with Failover-Active/Active license)</P><P>- Active/Standby stateful failover support (requires similar Cisco PIX Security Appliance model with Failover or Failover-Active/Active license)</P><P>- Security context support, with two security contexts included as part of the UR license</P><P>- GTP inspection* support, when a GTP Feature License is also installed on the system</P><P></P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a00800b0d85.html" target="_blank">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a00800b0d85.html</A></P><P></P></BODY></HTML> Fri, 08 Dec 2006 15:36:06 GMT a.kiprawih 2006-12-08T15:36:06Z https://community.cisco.com/t5/network-security/ids-with-pix-515e/m-p/675660#M88107 <P>We have a UR license, does this include the </P><P>the ids module? When I look at the policy to interface mappings it shows none and does not give options. Missing something? thanks. </P> Sun, 10 Mar 2019 10:21:43 GMT https://community.cisco.com/t5/network-security/ids-with-pix-515e/m-p/675660#M88107 dhengste7 2019-03-10T10:21:43Z https://community.cisco.com/t5/network-security/ids-with-pix-515e/m-p/675661#M88108 <HTML><HEAD></HEAD><BODY><P>All PIX Family does not have any IDS/IPS module. It comes as a fraction of IDS embedded in PIX software. For Cisco Firewall series, only ASA has the IPS/SSM module.</P><P></P><P>PIX IDS inspection/signatures features is limited to less than 60 well-known signatures.</P><P></P><P>You can activate this feature using "ip audit" command where you can create an IDS info function (assign name) to scan/detect incoming intrusion attempts by creating alarm, and a function to detect traffic matching the intrusion signatures by dropping/resetting the connection.</P><P></P><P>PIX(config)#ip audit name SCAN info alarm</P><P>PIX(config)#ip audit name BLOCK attack drop reset</P><P></P><P>PIX(config)#ip audit interface outside SCAN</P><P>PIX(config)#ip audit interface outside BLOCK</P><P></P><P>See the following url and look under Table 9-7 Commands on how to create and apply IDS feature in PIX:</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172797.html#wp1097310" target="_blank">http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172797.html#wp1097310</A></P><P></P><P>HTH</P><P>AK</P></BODY></HTML> Fri, 08 Dec 2006 15:31:47 GMT https://community.cisco.com/t5/network-security/ids-with-pix-515e/m-p/675661#M88108 a.kiprawih 2006-12-08T15:31:47Z https://community.cisco.com/t5/network-security/ids-with-pix-515e/m-p/675662#M88112 <HTML><HEAD></HEAD><BODY><P>BTW, the license upgrade from Restricted to UnRestricted is meant for the following (not for IDS/IPS):</P><P></P><P>- Maximum number of physical and virtual interfaces supported</P><P>- Maximum number of concurrent firewall and VPN connections supported</P><P>- Maximum amount of RAM included</P><P>- Maximum VPN performance via integrated hardware VPN acceleration (Cisco VPN Accelerator or Cisco VPN Accelerator+)</P><P>- Active/Active stateful failover support (requires similar Cisco PIX Security Appliance model with Failover-Active/Active license)</P><P>- Active/Standby stateful failover support (requires similar Cisco PIX Security Appliance model with Failover or Failover-Active/Active license)</P><P>- Security context support, with two security contexts included as part of the UR license</P><P>- GTP inspection* support, when a GTP Feature License is also installed on the system</P><P></P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a00800b0d85.html" target="_blank">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a00800b0d85.html</A></P><P></P></BODY></HTML> Fri, 08 Dec 2006 15:36:06 GMT https://community.cisco.com/t5/network-security/ids-with-pix-515e/m-p/675662#M88112 a.kiprawih 2006-12-08T15:36:06Z