Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
464
Views
0
Helpful
2
Replies

IPS Newbie needs help in getting started..

yprasannas
Level 1
Level 1

‎12-21-2005 11:43 AM - edited ‎03-10-2019 01:48 AM

Hello, Our company has purchased couple of IPS 4240 and they are lying in the lab for couple of days. I started working on them to get a feel of IPS. It has 4.1 Device Manager and looks like the latest is 5.x.

1. I see VMS, IDM(Device Manager, SDM,etc being used several posts and all seem to be used to manage these kind of devices. Is this true?

2. Which is the best of all in the above listed tools?

3. How do I download them? It is asking for CCO acct. I do have a serial number on the back of IPS. Does it help me to create CCO acct? We purchased these from a vendor and not directly from Cisco.

Thanks!

Labels:
0 Helpful
2 Replies 2

sachinraja
Level 9
Level 9

‎12-22-2005 03:08 AM

Hello prasanna

you are right.... IPS can be managed through a VMS, IDM, etc... I guess you should have got a 5 device license for VMS with the 4240 !!! you can install this VMS on a seperate server and use it to manage the IPS.... VMS also gives you additional features like configuration management (for switches/routers), inventory management, syslog management , software management etc... Hence VMS is a comprehensive solution for managing all Cisco devices on your network, including the IPS....

IDM is a GUI designed to manage IPS.. The webserver resides on the sensor itself... Make sure you have java applets on the desktop from which you are accessing IDM.

Hope this helps... Rate replies if found useful.

Raj

0 Helpful

joe.oranday
Level 1
Level 1

‎01-04-2006 12:05 PM

I feel your pain....the Cisco alphabet soup of management options can be overwhelming.

Since you are a newb, I suggest you skip CiscoWorks VMS for now and start tracking your IDS using Cisco's IDS Event Viewer. It is a simple client side application that will allow you to see what is happening on your IDS.

Then I would suggest you upgrade to the IPS 5.0 version of software. The built-in IDM is tons better than the previous version and gives you much more control and insight into the sensor. The IDS event viewer will still work once you have 5.0 running, but you have to remember to install signature updates to both the sensor and the client IDS viewer.

Finally, you can work on using CiscoWorks VMS. That will require a beefy, dedicated server platform. CiscoWorks includes tons of stuff, but the two things that are useful are Security Monitor and Management Center for IPS. Security Monitor is basiclly the replacement for the IDS event viewer, and MC is another way to manage sensors.

good luck,

joe

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card