10-13-2004 02:00 AM - edited 02-20-2020 11:40 PM
Hi All,
Had an interesting question from a customer this morning.
They have an Enterasys Dragon IDS appliance and were wondering if it could interact with a PIX for shunning.
Anyone seen or tried this? Some input would be appreciated.
Thanks
Ali
10-15-2004 06:02 PM
Hi Ali,
So far, I've never seen this kind of integration before, but as far as I am concerned, Cisco PIX can only work with Cisco IDS - proprietary issue (?).
Cheers!
Amrih
10-15-2004 06:19 PM
The sensor performs an SSH or Telnet connection to the PIX and uses the "Shun" command that is available in the PIX OS.
There's nothing stopping any individual or business from writing a script to accomplish this behaviour when a signature fires that is configured to block.
So, there's nothing proprietary in the way the Cisco IDS performs a Shun with a PIX or a Block with a Router.
Hopefully this helps,
peter
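An added sketch of the script idea described in the reply above (not code from any poster, Cisco, or Enterasys): it turns IDS alerts whose signature is configured to block into PIX `shun` commands. The pipe-delimited alert format, the `NEVER_SHUN` list, and all addresses are constructed assumptions; delivering the commands over SSH or Telnet is left out.

```python
import ipaddress

# Assumption: hosts and networks that must never be shunned (gateways,
# management stations, the sensor itself). Constructed sample values.
NEVER_SHUN = [ipaddress.ip_network(n) for n in ("10.0.0.0/24", "192.0.2.1/32")]

# Constructed alerts in a hypothetical "time|signature|src|dst|action" format.
SAMPLE_ALERTS = [
    "2004-10-15T18:19:00|WEB:CMD-EXE|203.0.113.45|10.0.1.20|block",
    "2004-10-15T18:19:05|SCAN:SYN|203.0.113.45|10.0.1.21|block",  # duplicate source
    "2004-10-15T18:20:11|ICMP:PING|198.51.100.7|10.0.1.20|log",   # not set to block
    "2004-10-15T18:21:30|FTP:BRUTE|10.0.0.5|10.0.1.22|block",     # protected host
    "2004-10-15T18:22:02|SMTP:VRFY|999.1.1.1|10.0.1.23|block",    # malformed address
]

def parse_alert(line):
    """Return (signature, source IP, action), or None if the line is unusable."""
    fields = line.strip().split("|")
    if len(fields) != 5:
        return None
    try:
        src = ipaddress.IPv4Address(fields[2])
    except ValueError:
        return None  # never pass unvalidated text to the firewall CLI
    return fields[1], src, fields[4]

def shun_commands(alert_lines, already_shunned=()):
    """Build PIX 'shun' commands for alerts whose signature is set to block."""
    shunned = {ipaddress.IPv4Address(a) for a in already_shunned}
    commands, skipped = [], []
    for line in alert_lines:
        parsed = parse_alert(line)
        if parsed is None:
            skipped.append((line, "unparseable"))
            continue
        _signature, src, action = parsed
        if action != "block":
            continue
        if any(src in net for net in NEVER_SHUN):
            skipped.append((line, "protected address"))
        elif src not in shunned:  # one shun per source is enough
            shunned.add(src)
            commands.append(f"shun {src}")
    return commands, skipped

if __name__ == "__main__":
    cmds, skipped = shun_commands(SAMPLE_ALERTS)
    print("\n".join(cmds))
    for line, reason in skipped:
        print(f"skipped ({reason}): {line}")
```

Because the source address in an alert can be forged, the never-shun list is what keeps an automated block from cutting off your own infrastructure.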
10-25-2004 09:33 AM
Additionally, they can control switch ports by either disabling the port or reassigning it to a different VLAN, depending upon your security policy.