IPS v6.0 and VMS 2.2

balsheikh · ‎05-02-2007

Hi Guys,

I had IPS 4215 upgraded to K9-6.0-2-E1 from CLI.

The problem is the IPS added to VMS 2.2 and now I couldn't administrate and manage the IPS from the VMS.

Any useful comments..

Regargs,

attmidsteam · ‎05-02-2007

I believe you can't manage any IPS 6.x devices from VMS. Unfortunately, you are forced to upgrade to CSM if you want to use IPS 6.x.

jreekers · ‎05-02-2007

That's true...VMS doesn't support IPS 6.x.

Regards,

-Joe

balsheikh · ‎05-02-2007

Good to know that, appreciated.

Do u have any documents/release notes state that VMS doesn't support IPS 6.x.

This will help more to convince my cutomer :)

Regards,

jreekers · ‎05-02-2007

Hi.

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/mgt_ids/idsmc12/mc_12_sd.htm

which shows the IDSM and IDSM2 (IPS) supported versions.

HTH, and please rate.

Thanks!

-Joe

balsheikh · ‎05-03-2007

Hi Joe,

Actually I'm looking for documents clearly declare that VMS dosen't support the IPS 4215 running version 6.x.

Appreciate ur coordination..

Regards,

jreekers · ‎05-03-2007

Hi.

Actually, that link is still the relevant place to look:

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/mgt_ids/idsmc12/mc_12_sd.htm

The IDS-4215 is the same thing as an IPS-4215, it's the software version running that makes the distinction as to whether we call it an "IDS" or "IPS". So, as you can see in that link, the IDS-4215 is supported running sw ver. 4.1 only. There is no support for IDS (IPS) 4215 running 6.x.

HTH and please rate!

-Joe

paulnguy · ‎05-21-2007

Device support for VMS/IPSMC:

http://www.cisco.com/en/US/partner/products/sw/cscowork/ps3990/products_device_support_table09186a00805b0592.html

VMS is replaced with CSM 3.x):

http://www.cisco.com/en/US/partner/products/sw/cscowork/ps2330/index.html

CSM 3.1 is needed to manage IPS v5.1 and above (and also 6^)

HTH

hoogen_82 · ‎05-22-2007

I guess for managing IPS 5.1(5)E1 you can do it with VMS itself. For 6.X you probably need to wait as Cisco has probably stopped its download at the moment.

-Hoogen

rm2017 · ‎05-23-2007

Can the Security Monitor component of VMS still be used to monitor 6.x sensors? I realize the IDS MC cannot be used to manage them, but have heard that you can still monitor 6.x with SecMon.

jreekers · ‎05-23-2007

Hi Michael,

Actually, SecMon doesn't support the IPS 6.x either. With some tweaking, it may be possible to get it to work, but that's way outside of the support window, so if you run into any issues down the line, it will likely be impossible to get TAC support. My understanding is that the method of collecting events changed between 5.x and 6.x.

Regards,

-Joe

hoogen_82 · ‎05-23-2007

One option that was not mentioned is to re-install VMS and use the Security Monitor within VMS to do your monitoring. Security Monitor will still work with IPS 6.0. It is just the IPS Management Center of VMS that can not configure an IPS 6.0 sensor.

Hmm.. why wouldn't TAC support this kind of installation? Cisco has created enough problems pulling out CSM 3.1 and asking us to return to 3.0 which still would not manage the 6.X IPS atleast the monitoring done by the VMS SecMon should be supported.

-Hoogen

attmidsteam · ‎05-27-2007

This is true, though you are missing out on all of the SDEE functionality in 6.x, plus you will miss the ability to monitor health stats and alerts from the sensor that are new in 6.x