I am configuring some ASA5510s with AIP-SSM IPS cards, and would like to alert busy operators with an audible alert for events above some defined threshold. I don't see any built-in audible alert options in either IME or ASDM. Does anyone know of a way to do this? Ideally, I would want an alarm to go off until the operator acknowledges it. Thanks in advance for your help!
Thanks for the pompt reply, Jennifer. Does anyone know how this is typically done in 24/7 Network Operating Centers? I'm assuming they funnel everything into a NMS via SNMP traps, and alert the operators from that application. I suppose I could install some NMS product on the monitoring PC, configure the IPS and the firewall to send traps to it, and then configure the NMS to play a sound when alerts are received. It just seemed like there had to be an easier way to get the firewall/IPS to audibly alert me when an event warranted immediate attention. One other thought I had was configuring the IPS and Firewall to send alerts above a certain level via email to the monitoring PC. This would require me to install a SMTP server and email client on that PC, and configure the email client to play an annoying sound when email was received. I'm not sure how which email client would support repeating the sound until acknowledged (I suppose I could create a long soundfile composed of a shorter sound repeating over and over). I'm open to better ideas, because I dislike what I've come up with so far.
p.s. Note that I only need to monitor one or two ASA appliances from an isolated management network. The only way anyone will be able to manage or monitor those firewalls is by looking at the monitoring PC or hearing its speaker. I can place the PC in an always-occupied room, but I expect alarms to be very infrequent and mostly false, so I would much rather occasionally sound an alarm when there might be a fire, rather than asking operators to continually look for smoke...