Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
555
Views
9
Helpful
4
Replies

IDS,ASA,PIX firewall monitoring and optimizing

arumugasamy
Level 1
Level 1

‎05-28-2006 05:34 AM - edited ‎03-10-2019 03:02 AM

Dear All,

Please let me know the products from Cisco to monitor and optimize the IDS, ASA, PIX firewall in the data centre and corporate networking environment.

I believe that VMS 2.3 can be used.I like to know about the CS-MARS product from Cisco and its usage.

Thanking you

Swamy

Labels:
0 Helpful
4 Replies 4

a.kiprawih
Level 7
Level 7

‎05-28-2006 08:55 AM

Hi,

CS-MARS is a security product that mainly used to analyse, correlates and produce/recommed mitigation action based on the log analysis.

You need to send your syslog, snmp or NetFlow to CS-MARS from all/selected network devices in the network to enable it to have visibility of the network activities. It has built-in signatures or rules that trigger incidents, and allows you can create your own rule to monitor certain segment or devices. Notification is available in the form of email, sms, pager, snmp and syslog.

CS-MARS does not replace the function of IDS/IPS or antivirus, but as a critical security complimentary product to allow you to stop any detected malicious incidents/activities from a nearest point, e.g shutting down switch port where a PC is detected trying to launch network attack, virus or trojans. The concept more or less similar to 'Forward Defense' used by certain country today.

http://www.cisco.com/en/US/partner/products/ps6241/products_data_sheet0900aecd80272e64.html

CS-MARS is measured by its capabilities to handle received Event and Netflow logs per second. This include the HDD capacity. You can have single unit (Local Controller) or multiple unit that centrally managed by Global Controller.

CS-MARS support wide range of networking and security products.

http://www.cisco.com/en/US/partner/products/ps6241/products_device_support_tables_list.html

Rgds,

AK

arumugasamy
Level 1
Level 1
In response to a.kiprawih

‎05-29-2006 05:55 AM

Dear Kiprawih,

Thank you for your useful information. I wants to know the centralized monitoring and Management software or the device for IDS/PIX/ASA5500.

I am waiting for your information.

Thnaks

swamy

0 Helpful

a.kiprawih
Level 7
Level 7

‎05-29-2006 07:16 PM

Hi,

There is a new security management product called Cisco Security Manager (3.0). It's a part of Cisco Security Management Suite (combined with CS-MARS).

This tool will replace the role of Cisco VMS 2.3, as recommended by Cisco in:

http://www.cisco.com/en/US/partner/products/sw/cscowork/ps2330/index.html

This Cisco Security Manager (3.0) is a scalable deployment and management tool. Among its functions/benefits/features are facilitating the provisioning of VPN, Firewall and IPS, as well as provide integrated management, operational and health/performance monitoring.

The supported devices are:

* Cisco PIX Security Appliances

* Cisco ASA 5500 Series Adaptive Security Appliances

* Cisco IPS 4200 Series Sensors

* Cisco Catalyst 6500 Series Firewall Services Module

* Cisco Catalyst 6500 Series VPN Services Module

* Cisco Catalyst 6500 Series IDSM2

* Cisco Catalyst 6500 Series IPS Services Modules

* Cisco IOS IPS Router Sensor Modules

* Cisco Integrated Services Routers

More details on Cisco Security Manager (3.0) is availabe at:

http://www.cisco.com/en/US/partner/products/ps6498/products_data_sheet0900aecd803ffd5c.html

Rgds,

AK

arumugasamy
Level 1
Level 1
In response to a.kiprawih

‎05-30-2006 06:02 AM

Thank you very much for your information.

Swamy

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card