08-20-2007 06:41 AM - edited 03-10-2019 03:45 AM
Is there a heuristic for setting up an intrusion detection system with a Cisco ISR? We would like to utilize our firewall logs for an intrusion detection system.
08-24-2007 08:32 AM
Following links may help you
http://www.cisco.com/en/US/products/ps6498/prod_release_note09186a00806186f0.html
http://www.cisco.com/en/US/products/ps6634/products_white_paper0900aecd8062acfb.shtml
08-24-2007 09:50 AM
There are tools that will correlate firewall logs, if that's what you mean. To get you going, there's Cisco's own SIM product, MARS.
http://www.cisco.com/go/mars
There's the open source OSSIM: http://www.ossim.net/.
08-24-2007 11:33 AM
Intellitactics NSM will cross correlate many device types including routers, firewalls, & sensors:
http://www.intellitactics.com/int/
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
