01-18-2005 01:11 AM - edited 03-10-2019 01:14 AM
Hi!
1. Does anybody know when will CTR functionality be integrated into the VMS or IDS sensors?
2. Can anybody provide a description of CTR communications when it performs L1 and L2 analysys? What ports needs to be opened on the firewall, what services should run on the windows box?
3. Are there any plans to integrate CTR with CTA? As the agent is required in the NAC architecture it would be logical to use it to report OS Version / patches / etc. to the VMS or the sensor (perhaps via ACS). The sensor or VMS will be able to suppress / downgrade alarms after that.
Thx,
Oleg Tipisov,
Redcenter,
Moscow
01-24-2005 06:57 AM
As far as I know, there are no plans to integrate CTR with CTA
02-18-2005 03:54 PM
CTR uses the admin shares to connect to a windows server.
Depending on how you configured it: It will try a nmap fingerprint scan, use static OS mappings or perform a level 2 scan by using the admin shares.
If you are using it through firewalls, the fingerprinting does not work properly.
You will also notice that since version 2.0.3 there hasn't been any new agents developed for it. Also 2.0.5 started to upgrade all port scans etc whereas before it didn't.
I would look to speaking to your cisco account team about the next version of Cisco IPS instead.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide