Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1315
Views
0
Helpful
3
Replies

CSPM 233i + PIX

wongsusanto
Level 1
Level 1

‎12-10-2001 11:08 PM - edited ‎02-20-2020 09:55 PM

Hi,

I hope someone can help me.....

I have a question here....I have installed CSPM233i and I have activaed the IDS feature in the PIX..and I have servers in the inside network... Can CSPM 233i send alert such as email if there is an attack to the servers without IDS Sensor or Director ....JUST CSPM + PIX ???

Thanks in Advance

0 Helpful
3 Replies 3

marcabal
Cisco Employee
Cisco Employee

‎12-11-2001 09:59 AM

The CSPM 233i release is only necessary if you are configuring and monitoring the IDS Appliance or IDS Module Sensors. If you are just using the IDS feature within the PIX then the 233f release train or even 3.0 would be better for you.

CSPM treats the PIX IDS messages differently than the IDS Sensor messages.

I assume it will treat the PIX IDS messages similar to other PIX syslog messages of the same severity.

So you would need to look through the CSPM documentation on how to send out email notifications when a certain PIX syslog message comes in.

Here are some places to start looking:

If using 233f:

http://www.cisco.com/univercd/cc/td/doc/product/ismg/policy/ver23f/audit/index.htm

http://www.cisco.com/univercd/cc/td/doc/product/ismg/policy/ver23f/audit/auintro.htm

If using 3.0:

http://www.cisco.com/univercd/cc/td/doc/product/ismg/policy/ver30/quickone.htm#xtocid859018

(which pretty much says to look through 3.0's On Line Help)

I'm sorry I can't be of more help, but most of us on this Forum are more familiar with the 233i train and handling IDS Sensor messages than with the 233f train handling PIX syslog messages.

If you don't get any more responses on this Forum, you might want to try asking this on the PIX FireWall Forum.

0 Helpful

wongsusanto
Level 1
Level 1
In response to marcabal

‎12-11-2001 07:04 PM

Hi,

thanks for your help....I am quite new in IDS...

BTW, How can I get the CSPM 3.0 Trial Version ???

Regards

0 Helpful

marcabal
Cisco Employee
Cisco Employee
In response to wongsusanto

‎12-12-2001 10:20 AM

Look at the following web site. It appears that CSPM 3.0 is part of the new VMS - VPN/Security Management Solution.

http://www.cisco.com/warp/public/cc/pd/wr2k/vpmnso/prodlit/1506_pp.htm

So you will need to contact your Cisco Sales Rep to see about getting a trial version for VMS 2.0.

A trial version is not currently available for download off CCO.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card