Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
447
Views
0
Helpful
1
Replies

Managing IPS / IDS

GRANT3779
Spotlight
Spotlight

‎12-09-2014 05:21 AM - edited ‎03-10-2019 06:17 AM

Hi There,

I have a couple of 5515x that are running IDS/IPS but have kinda just been sitting there for a year without any proper management. What is the proper procedure for me to monitor the IPS part of the Firewalls and find out exactly what is going on with it? Logging into the ASA itself doesn't really give much info from the CLI.The ASA is running 9.1(2).

I really want to monitor the IPS/IDS part and check if I can apply updates etc, see what exactly it's doing. At the moment it is just sitting there with no management at all. Is it managed by same IP as the ASA itself?

Thanks

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-10-2014 04:12 PM

the IPS has a separate management address configured during setup.

You can use one of several tools to manage an IPS (or set of IPS's):

1. IPS Device Manager (IDM) - similar to ASDM (in fact part of the same binary) and primarily used for configuration.

2. IPS Manager Express (IME) - used to manage a relatively small set of IPS's and includes a built-in lightweight database that collect events from the managed systems via the SDEE transport.

3. Cisco Security Manager (CSM) - an enterprise security management product that can manage both IPS's and ASA's (and routers in a limited fashion for that matter)

1 and 2 are free downloads and 3 is a licensed product.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card