06-25-2007 06:26 AM - edited 03-10-2019 03:40 AM
We are an MSP and are evaluating Cisco CSM to manage about 50 IDS/IPS devices. Each of these devices has their own customer signature policy.
Does anyone use it in their production environments? Do you find it useful?
Regarding policy management for devices that already have a signature policy, I know you can discover the policy, what we want to do is take the current discovered policy, modify it if we need to and then re-deploy it to the device. I'm finding that this is all read only once the policy is discovered.
Is there a way to modify the signature, for example, adding a logging parameter and then re-deploy?
Just curious if others had similar experiences with CSM.
Thanks!
06-26-2007 11:29 AM
Hi Haxworthy,
I see that there are no responses for your posting.
Did you try posting your question in Ask Your Expert:Cisco Security Manager Section. Amrit might be knowing about it for sure.
Thanks,
Radhika
06-28-2007 02:03 PM
I haven't used CSM...but what would be the point if you couldn't modify the various policies? What exactly would CSM be managing?
07-05-2007 12:03 PM
haxworthy,
I currently use CSM to manager a variety of IPS devices (IOS IPS, 42xx Sensors, 65xx-series blades). The policies vary on some devices. CSM works wonderfully. CSM discoveries the various policies on the device on an individual basis. Policies can then be edited on a per-sensor basis or on a group level. Has worked wonderful in our environment. A nice upgrade from the old IPSMC. Let me know if you have any other questions.
-Mike
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: