Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
503
Views
0
Helpful
1
Replies

Does Cisco Security Manager support IPS?

melangnghe
Level 1
Level 1

‎03-19-2006 01:17 PM - edited ‎03-10-2019 01:56 AM

We receive conflicting stories that Cisco Security Managet does not support IPS whist Cisco website indicated that it does. Please confirm. http://www.cisco.com/en/US/products/ps6498/prod_bulletin0900aecd803ffd79.html

TIA.

Labels:
0 Helpful
1 Reply 1

marcabal
Cisco Employee
Cisco Employee

‎03-19-2006 08:03 PM

There is quite a bit of confusion right now because of product names and terminology.

The VMS product contained 2 utilities for managing IPS devices:

IPS Management Center (IPS MC) for configuration management of the IPS devices, and

Security Monitoring (SecMon) for the viewing of IPS Alerts.

The Cisco Security Manager (CSM) was being designed primarily as a configuration tool. So Security Monitor from VMS was not carried forward into CSM. So CSM is Not able to "monitor" for IPS Alerts.

If you are using SecMon (VMS) for alert monitoring, then understand that this functionality is not available within CSM 3.0, and no plans exist to add that functionality into later versions of CSM.

Instead customers with a large number of sensors are encouraged to purchase CS MARS. CS MARS is designed specifically for monitoring of security events (both IPS as well as from other security devices).

Customers with a small number of sensors alternatively can download and use Cisco IEV (Intrusion Detection Event Viewer). Cisco IEV version 4.1 is able to monitor version 4.1 sensors as well as 5.0 and 5.1 sensors.

As for Configuration Management, VMS users will be able to upgrade to CSM and continue to be able to manage their IPS devices.

But here is where terminology causes some confusion.

The CSM was also originally designed so that all Cisco security devices could be configured from a single user interface.

This first version of CSM 3.0 does Not, however, have IPS management integrated into this single user interface for managing all Cisco security products.

Because of time to market, and resource constraints the first version of CSM does not have IPS management integrated into the main interface.

BUT, this does Not mean that CSM can not manage an IPS device. Instead what has been done with CSM 3.0 is the IPS MC from VMS has been converted to work on the same system as CSM 3.0 and be started through the CSM main interface.

So CSM 3.0 has what is often termed a "cross launch" of IPS MC for IPS management.

So CSM 3.0 DOES support IPS Management, but that IPS management is not through the primary CSM interface, and is instead through a separate startup of the IPS MC interface that has a different look and feel from the main CSM interface.

The plan, however, still remains to integrate IPS management into the main CSM interface.

This integration is what you may hear referred to as "native" support of IPS configuration in the main CSM interface.

So CSM 3.0 DOES support IPS device configuration through the "cross launched" IPS MC that comes with it (the IPS MC is part of the install package with no extra fee).

A follow on CSM will have the "native" integration of IPS management into the main CSM interface.

But CSM 3.0 DOES NOT support IPS Alert monitoring.

Users would need to purchase CS MARS or download the free IEV for alert monitoring.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card