We have some <other vendor> IPS and for a new implementation we bought IPS Cisco 4270, i have taken the couse of Cisco IPS and I liked how it works. But we have a big problem thats apply to our company, at different level the manager, boss and the user, obtain different level of information (like quantity of events, graphical informations, etc.) These information I can show with some gadgets without problem, the problem begins when the IME supports only one user logued, the <other vendor> administration console support severals logons to the client console. Because this factor may be vital for the future purchase or replacement of these devices, I need to find a way of not losing the "multi-login" feature.
At the moment I do not know how to solve this problem, might give me ideas that can help me? Thank you all.
IPS Manager Express is designed as a quick and free option for managing/monitoring Cisco IPS sensors. It is possible to allow each user to have their own installation of IME as data is stored local to each installation. The issue here is the five (5) subscription limitation allowed for SDEE-based event retrieval - so only five users would be able to monitor the sensors.
For large scale, multi-user monitoring of Cisco IPS sensors, Cisco provides CS-MARS which can collect and correlate events from multiple Cisco IPS sensors as well as other Cisco security devices. You may also want to look into the upcoming release of CSM 4.0 which will include the ability to monitor both Cisco IPS and Cisco firewall events; this is also a multi-user based solution.
It may be benficial to engage your local Cisco account team or partner to discuss a more tailored solution for your environment.
Radius server configuration for 802.1XServer radius test1Address ipv4 10.1.1.1Key 1234!Server radius test2Address ipv4 10.1.1.2Key 1234!aaa group server radius TEST-grserver name test1server name test2!aaa authentication dot1x default group TEST-graaa aut...
One of the biggest concept in VPN Technologies is NAT Traversal, like NAT Traversal in VOIP deployment with SIP Protocol, the history is always inside the payload to solve the Incompatibility between NAT and IPSEC like the Incompatibility between SIP prot...
"What is this 'Orbital Query Corner' thing", you ask? It's the name of an occasional series of articles, each discussing one particular point or use case for the Orbital advanced search feature that is available in Cisco Secure Endpoint starting at ...
0. The Issue
On 20 July 2021, Microsoft issued an alert for CVE-2021-36934 "Windows Elevation of Privilege Vulnerability".  The problem in this case is an overly permissive Access Control List (ACL) applied to system files, including the Se...