Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
261
Views
0
Helpful
3
Replies

PIX & Enterasys Dragon

ali-franks
Level 1
Level 1

‎10-13-2004 02:00 AM - edited ‎02-20-2020 11:40 PM

Hi All,

Had an interesting question from a customer this morning.

They have an Enterasys Dragon IDS appliance and were wondering if it could interact with a PIX for shunning.

Anyone seen or tried this? Some input would be appreciated.

Thanks

Ali

0 Helpful
3 Replies 3

a.kiprawih
Level 7
Level 7

‎10-15-2004 06:02 PM

Hi Ali,

So far, I've never seen this kind of integration before, but as far as I am concerned, Cisco PIX can only work with Cisco IDS - proprietary issue (?).

Cheers!

Amrih

0 Helpful

pcomeaux
Cisco Employee
Cisco Employee
In response to a.kiprawih

‎10-15-2004 06:19 PM

The sensor performs a SSH or Telnet connection to the Pix and uses the "Shun" command that is available in the Pix OS.

There's nothing stopping any individual or business from writing a script to accomplish this behaviour when a signature fires that is configured to block.

So, there's nothing proprietary in the method the way the Cisco IDS performs a Shun with a Pix or a Block with a Router.

Hopefully this helps,

peter

0 Helpful

rcorley2001
Level 1
Level 1
In response to pcomeaux

‎10-25-2004 09:33 AM

Additionally they can control switch ports by either disabling the port or reassigning it to a different vlan depending upon your security policy.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card