Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
943
Views
0
Helpful
2
Replies

IDS with Pix 515E

dhengste7
Level 1
Level 1

‎12-08-2006 06:36 AM - edited ‎03-10-2019 03:21 AM

We have a UR license, does this include the

the ids module? When I look at the policy to interface mappings it shows none and does not give options. Missing something? thanks.

Labels:
0 Helpful
2 Replies 2

a.kiprawih
Level 7
Level 7

‎12-08-2006 07:31 AM

All PIX Family does not have any IDS/IPS module. It comes as a fraction of IDS embedded in PIX software. For Cisco Firewall series, only ASA has the IPS/SSM module.

PIX IDS inspection/signatures features is limited to less than 60 well-known signatures.

You can activate this feature using "ip audit" command where you can create an IDS info function (assign name) to scan/detect incoming intrusion attempts by creating alarm, and a function to detect traffic matching the intrusion signatures by dropping/resetting the connection.

PIX(config)#ip audit name SCAN info alarm

PIX(config)#ip audit name BLOCK attack drop reset

PIX(config)#ip audit interface outside SCAN

PIX(config)#ip audit interface outside BLOCK

See the following url and look under Table 9-7 Commands on how to create and apply IDS feature in PIX:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172797.html#wp1097310

HTH

AK

0 Helpful

a.kiprawih
Level 7
Level 7
In response to a.kiprawih

‎12-08-2006 07:36 AM

BTW, the license upgrade from Restricted to UnRestricted is meant for the following (not for IDS/IPS):

- Maximum number of physical and virtual interfaces supported

- Maximum number of concurrent firewall and VPN connections supported

- Maximum amount of RAM included

- Maximum VPN performance via integrated hardware VPN acceleration (Cisco VPN Accelerator or Cisco VPN Accelerator+)

- Active/Active stateful failover support (requires similar Cisco PIX Security Appliance model with Failover-Active/Active license)

- Active/Standby stateful failover support (requires similar Cisco PIX Security Appliance model with Failover or Failover-Active/Active license)

- Security context support, with two security contexts included as part of the UR license

- GTP inspection* support, when a GTP Feature License is also installed on the system

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a00800b0d85.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card