03-30-2003 10:40 PM - edited 03-09-2019 02:41 AM
hi engineers .
i have configured a CSPM in my local network and it works quite fine .
my problem is that i want to gain a distributed IDS management over a network , not only having several IDS and one CSPM ,but also having one IDS and several CSPM .If it is possible .
shed me light in this issue ,although i'm not sure if it is useful.
thanks in advance .
04-01-2003 04:00 PM
One CSPM supports configuring and viewing alarms from multiple IDS Sensors.
CSPM boxes can be placed in a heirarchy where the lower level CSPMs configure and view alarms from the IDS sensors, and then pass the alarms up to the 2nd level CSPM machines. The 2nd level CSPM machines can then pass alarms up to the 3rd level etc...
The 2nd level and above can only view the alarms, and can not be used to configure the end sensors. The sensors must be configured from the low level CSPMs.
You can configure a single sensor to report to multiple CSPMs, but only ONE of the CSPMs should be used to configure the sensor. Using multiple CSPMs to configure the same sensor can lead to configuration problems, and lost configuration changes.
04-01-2003 04:58 PM
Is the procedure to set up heirarchies documented in detail? If yes, where can I get my hands on it. Thanks.
04-01-2003 07:18 PM
Read through this section. It should explain some of it.
I have never done it myself; so can't provide many details.
http://www.cisco.com/univercd/cc/td/doc/product/ismg/policy/ver23i/idsguide/ch04.htm#xtocid2665211
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide