Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
728
Views
0
Helpful
2
Replies

Cisco Threat Response (CTR) and Cisco Trust Agent (CTA) questions

ovt
Level 4
Level 4

‎01-18-2005 01:11 AM - edited ‎03-10-2019 01:14 AM

Hi!

1. Does anybody know when will CTR functionality be integrated into the VMS or IDS sensors?

2. Can anybody provide a description of CTR communications when it performs L1 and L2 analysys? What ports needs to be opened on the firewall, what services should run on the windows box?

3. Are there any plans to integrate CTR with CTA? As the agent is required in the NAC architecture it would be logical to use it to report OS Version / patches / etc. to the VMS or the sensor (perhaps via ACS). The sensor or VMS will be able to suppress / downgrade alarms after that.

Thx,

Oleg Tipisov,

Redcenter,

Moscow

Labels:
0 Helpful
2 Replies 2

umedryk
Level 5
Level 5

‎01-24-2005 06:57 AM

As far as I know, there are no plans to integrate CTR with CTA

0 Helpful

ishah
Level 1
Level 1
In response to umedryk

‎02-18-2005 03:54 PM

CTR uses the admin shares to connect to a windows server.

Depending on how you configured it: It will try a nmap fingerprint scan, use static OS mappings or perform a level 2 scan by using the admin shares.

If you are using it through firewalls, the fingerprinting does not work properly.

You will also notice that since version 2.0.3 there hasn't been any new agents developed for it. Also 2.0.5 started to upgrade all port scans etc whereas before it didn't.

I would look to speaking to your cisco account team about the next version of Cisco IPS instead.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card