IPS v6.0 and VMS 2.2

Unanswered Question
May 2nd, 2007
User Badges:

Hi Guys,


I had IPS 4215 upgraded to K9-6.0-2-E1 from CLI.


The problem is the IPS added to VMS 2.2 and now I couldn't administrate and manage the IPS from the VMS.


Any useful comments..


Regargs,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.7 (6 ratings)
Loading.
attmidsteam Wed, 05/02/2007 - 07:49
User Badges:
  • Silver, 250 points or more

I believe you can't manage any IPS 6.x devices from VMS. Unfortunately, you are forced to upgrade to CSM if you want to use IPS 6.x.

jreekers Wed, 05/02/2007 - 08:37
User Badges:
  • Cisco Employee,

That's true...VMS doesn't support IPS 6.x.


Regards,

-Joe

balsheikh Wed, 05/02/2007 - 15:08
User Badges:


Good to know that, appreciated.


Do u have any documents/release notes state that VMS doesn't support IPS 6.x.


This will help more to convince my cutomer :)


Regards,

balsheikh Thu, 05/03/2007 - 03:14
User Badges:


Hi Joe,


Actually I'm looking for documents clearly declare that VMS dosen't support the IPS 4215 running version 6.x.


Appreciate ur coordination..


Regards,

jreekers Thu, 05/03/2007 - 07:08
User Badges:
  • Cisco Employee,

Hi.


Actually, that link is still the relevant place to look:


http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/mgt_ids/idsmc12/mc_12_sd.htm


The IDS-4215 is the same thing as an IPS-4215, it's the software version running that makes the distinction as to whether we call it an "IDS" or "IPS". So, as you can see in that link, the IDS-4215 is supported running sw ver. 4.1 only. There is no support for IDS (IPS) 4215 running 6.x.


HTH and please rate!

-Joe

hoogen_82 Tue, 05/22/2007 - 03:10
User Badges:
  • Silver, 250 points or more

I guess for managing IPS 5.1(5)E1 you can do it with VMS itself. For 6.X you probably need to wait as Cisco has probably stopped its download at the moment.


-Hoogen

robertsmichael Wed, 05/23/2007 - 10:20
User Badges:

Can the Security Monitor component of VMS still be used to monitor 6.x sensors? I realize the IDS MC cannot be used to manage them, but have heard that you can still monitor 6.x with SecMon.

jreekers Wed, 05/23/2007 - 10:43
User Badges:
  • Cisco Employee,

Hi Michael,


Actually, SecMon doesn't support the IPS 6.x either. With some tweaking, it may be possible to get it to work, but that's way outside of the support window, so if you run into any issues down the line, it will likely be impossible to get TAC support. My understanding is that the method of collecting events changed between 5.x and 6.x.


Regards,

-Joe

hoogen_82 Wed, 05/23/2007 - 20:37
User Badges:
  • Silver, 250 points or more

One option that was not mentioned is to re-install VMS and use the Security Monitor within VMS to do your monitoring. Security Monitor will still work with IPS 6.0. It is just the IPS Management Center of VMS that can not configure an IPS 6.0 sensor.


Hmm.. why wouldn't TAC support this kind of installation? Cisco has created enough problems pulling out CSM 3.1 and asking us to return to 3.0 which still would not manage the 6.X IPS atleast the monitoring done by the VMS SecMon should be supported.


-Hoogen

attmidsteam Sun, 05/27/2007 - 08:42
User Badges:
  • Silver, 250 points or more

This is true, though you are missing out on all of the SDEE functionality in 6.x, plus you will miss the ability to monitor health stats and alerts from the sensor that are new in 6.x

Actions

This Discussion