Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
388
Views
0
Helpful
4
Replies

IDS selection?

nayyares1
Level 1
Level 1

‎02-27-2007 06:21 AM - edited ‎03-05-2019 02:35 PM

Hello All,

In fact i am a Linux guy, somehow pulled to select cisco hardware for our data centre , that is the reason asking silly question :) but you have to bare it, heh

In fact we are planning to have PIX 515 for our data centre , is it possible to configure PIX as IDS as well ? or we have to buy seperate IDS hardware, if we have to buy seperate, then what is recommended hardware.

thanks

Labels:
0 Helpful
4 Replies 4

Richard Burts
Hall of Fame
Hall of Fame

‎02-27-2007 08:27 AM

Nayyar

If you are purchasing equipment for the data centre and get a PIX 515 then you would need additional hardware for IDS. And the PIX is relatively old technology at this point. Cisco has introduced a new product line the ASA5500 which strategically will be the replacement product for PIX. You can get an ASA5510 which has an IDS module as part of the equipment which will perform better than the PIX and probably cost less than the PIX plus an IDS.

My suggestion to you is to look into the ASA5500 products as the equipment for your data centre.

HTH

Rick

HTH

Rick
0 Helpful

dhengste7
Level 1
Level 1
In response to Richard Burts

‎03-23-2007 08:11 AM

To follow up, even though the 515 has a ids function, or is that just part of the Java module for the PDM?

I had read that you can enable IDS with the IP audit command in the cli. In the pdm the options on the policy to interface mappings have none in the drop down menus. TIA

0 Helpful

abinjola
Cisco Employee
Cisco Employee

‎03-23-2007 07:50 PM

are you looking for an extensive IDS/IPS functionality ? if not then yes you may certainly go for pix 515 "E"...

there are just 50 signatures supported by Pix fw

in order to be able to add some signatures to the PIX FW you can use the

IP audit command, please follow this URL for more information about this

command:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref

/gl.htm#wp1101884

note that not all the signatures are supported on the PIXOS code,

below is the list of supported signatures:

http://www.ciscotaccc.com/kaidara-advisor/security/showcase?case=K93520960

the support for all IDS signatures, this is only available for IDS sensors.

regarding the new FW family 'ASA' here is a link where you can find some

useful information about it,

http://www.cisco.com/en/US/customer/products/ps6120/index.html

so now decide if you wanna save the money or save the network..:-)

0 Helpful

dhengste7
Level 1
Level 1
In response to abinjola

‎03-24-2007 04:17 AM

Looking for at least some IDS functionality since we already have a 515E ur Pix. Is the IDS feature cli only? The pdm doesn't seem to be helpful.

Would Snort be a better option? thanks.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card