Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
938
Views
4
Helpful
7
Replies

MARS book

andrew.burns
Level 7
Level 7

‎10-06-2006 01:07 AM - edited ‎03-10-2019 03:16 AM

Hi,

Has anyone who uses MARS had a chance to look at the new Cisco Press book yet? Just wondering if it's any good as the description makes it sound kind of high-level, rather than very technical.

Andrew.

Labels:
0 Helpful
7 Replies 7

mmorris11
Level 4
Level 4

‎10-06-2006 05:06 AM

I am almost finished with it. I too wondered if it would be just a bound and printed version of the CCO doc, but I am pleased with it. The forward consists of an interview with the authors which was very interesting and gives some insider history on MARS and Protego. Except for ch6 (mostly a rerun of the config guide), this book really helps fill in the gaps on the theory of MARS operation.

HTH

0 Helpful

joemarr_brodart
Level 1
Level 1

‎10-06-2006 05:53 AM

I read the book and I had been expecting a little more. Other then some small tidbits of useful info, it seemed to me as if I bought a bound copy of the manual.

I really wish there was more info availible on using MARS. I love the product, but I'm often left feeling that there is more to the product, and if I only had more information I could utilize the product more.

0 Helpful

pmccubbin
Level 5
Level 5
In response to joemarr_brodart

‎10-09-2006 10:42 AM

I just finished the book and found it very helpful in a recent engagement. There has been a dearth of documentation on MARS to date so beggers can't be choosers.

If I were to speak with the authors about improving it I would include the following:

1. More detail about syslog servers, in particular, the benefits of pointing existing syslog servers at a MARS box as opposed to sending traffic from devices directly to MARS.

2. A discussion of whether it is better to Push data to a MARS box or have MARS pull the data from the devices.

3. More detail about upgrading the IOS on the MARS box, especially by using ISO images instead of doing incremental upgrades.

Just my 2 cents. I understand there will be another, more technical book published in the first quarter of 2007.

0 Helpful

chrisd
Level 1
Level 1

‎10-17-2006 01:52 AM

Its a good read, but you will not find too much that is not in the manual already.

Some good info on the database etc, and some casestudies.

You`ll also find some other info on a couple of blogs i`ve seen cs-mars.blogspot.com and ciscomars.blogspot.com

pplsi
Level 1
Level 1
In response to chrisd

‎01-05-2007 02:30 PM

I found it pretty disappointing. However, I was looking for a more in depth technical reference manual.

If you know nothing about MARS it would be fine though I still prefer the pdf on CS-MARS from the Cisco web site better.

0 Helpful

pmccubbin
Level 5
Level 5
In response to pplsi

‎01-06-2007 08:02 AM

There is supposedly a more in depth, technical book on the subject of MARS coming out this coming June from the Cisco Press. Keep an eye out for:

Security Monitoring with Cisco Security Mars (Networking Technology) (Hardcover)

by Greg Kellog

Hope this helps.

0 Helpful

Rejohn Cuares
Level 4
Level 4
In response to pmccubbin

‎01-09-2007 05:22 PM

yeah.. im waiting for that release also..

hope the author will include advance technical configurations, examples on real attack, how to mitigate those attackes and other important cases.

Please rate replies and mark question as "answered" if applicable.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card