cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

2965
Views
10
Helpful
8
Replies
James.Longman
Beginner

IPS Manager Express or Cisco Security Manager?

Hello All,

We're thinking of buying the IPS licence for the 5512 - which of the above (IPS Manager Express or Cisco Security Manager) is the right tool to read up on for management use? Or can I chose either? If I can chose either, which would you guys recommend?

Cheers!

M

2 ACCEPTED SOLUTIONS

Accepted Solutions
Karsten Iwen
VIP Mentor

How many systems do you have? If the number is high, the CSM is the way to go. Managing many systems (and keeping them in sync with the same policy) with IDM and IME is a nightmare. But if it's a single system, then the IME is the right tool for you. It works great for monitoring (up to 10 devices) and can also manage them (individually, thats not so easy for more then one system). And it come free of charge.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

View solution in original post

Or is it supposed to be a server type app too?

it has to run server-like. The App has to collect the events also when you are asleep, on vacation or just not in the mood of looking at events ... ;-) I usually install the IME as a vm-instance where it is never turned off.

Last question, I promise!

no problem, asking questions is the main purpose of this forum!

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

View solution in original post

8 REPLIES 8
Karsten Iwen
VIP Mentor

How many systems do you have? If the number is high, the CSM is the way to go. Managing many systems (and keeping them in sync with the same policy) with IDM and IME is a nightmare. But if it's a single system, then the IME is the right tool for you. It works great for monitoring (up to 10 devices) and can also manage them (individually, thats not so easy for more then one system). And it come free of charge.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

View solution in original post

Cheers! We'll have just two, so IME it is.

What's the benefit over just using the familiar ASDM though?

What's the benefit over just using the familiar ASDM though?

ASDM is fine for the ASA-part of your IPS-config. There you canfigure the MPF to send the traffic to the IPS.

The IME is the tool where you monitor your events what you really can't do with ASDM/IDM. Also the tuning of your policy is much more comfortable in IME.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Cheers!

So, am I right in thinking the CSM is an app I would install on a server so it could run 24/7 collecting logs and pushing updates whereas the IME is more like the ASDM and installs on my desktop to be run when I want to push signatures or make config changes? Or is it supposed to be a server type app too?

Last question, I promise! ;)

Or is it supposed to be a server type app too?

it has to run server-like. The App has to collect the events also when you are asleep, on vacation or just not in the mood of looking at events ... ;-) I usually install the IME as a vm-instance where it is never turned off.

Last question, I promise!

no problem, asking questions is the main purpose of this forum!

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

View solution in original post

Thanks dude, that's given me a great understanding! Much appreicated!

turnera
Beginner

James,

IMHO, IME would be the way to go. As has been already mentionend in replies here. Smaller networks, then IME is best suited for your needs.

Thanks for the extra feedback!

Content for Community-Ad