Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
525
Views
0
Helpful
2
Replies

SDM

87305
Level 1
Level 1

‎03-07-2007 10:34 AM - edited ‎03-05-2019 02:45 PM

Hello Everyone,

I posted a similar question under the security forum but I did not receive much feedback so I thought I would try here.

I am trying to find the real value in using SDM as a product. I understand its features for the most part, but what I am really interested in now is the firewall features sets, etc.

When using SDM, and configuring the firewall, does it configure the router with anything other than traditional access lists (Standard & extended) and CBAC?s?

I can see the value in the IPS when configured correctly, and in the auditing features, but I am seeking for the value in the firewall features.

I have not spent enough time in the IDS section to comment on such as of yet.

Any feedback would be greatly appreciated.

I will look forward to your responses.

Cheers,

Labels:
0 Helpful
2 Replies 2

wiluszm
Level 1
Level 1

‎03-07-2007 12:41 PM

Chris,

You practically answered this question yourself. SDM, in my opinion, is used to fill the "Cisco has no GUI" for devices void. SDM, for the most part, simply graphically displays CLI options. The biggest attractions (and differences) found between the CLI and SDM GUI are wizards-based configurations and IPS deployment.

The wizard feature is nice for first time users. I know that I have tried the VPN wizard, and the connection was configured just as I would through the IOS CLI. The other major use of SDM is for IPS management. All IOS IPS configuration must happen through SDM. In a small office deployment, this is not an issue. In larger corporations and enterprises, a more centralized tool known as IPS Mangement Center (from Cisco) is used to centrally develop IPS policies and push these IOS IPS enabled devices (along with other Cisco IPS/IDS sensors).

In summary... SDM is great for the first-time user and user with a small user base that would like to enable the benefits of IOS IPS. If you're a CLI veteran, I doubt SDM will make you change. For newbies it's a great way to configure devices graphically and see the actual CLI commands delivered to the device.

Hope this helps!

-Mike

http://cs-mars.blogspot.com

0 Helpful

raulzulueta
Level 1
Level 1
In response to wiluszm

‎09-02-2010 06:21 PM

I am using SDM for the first time and it does not work completely. I want to create a Site-to-Site VPN. The button is checked and when I click on "Launch Selected Task" button, nothing happens.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card