08-20-2007 06:41 AM - edited 03-10-2019 03:45 AM
Is there a heuristic for setting up an intrusion detection system with a Cisco ISR? We would like to utilize our firewall logs for an intrusion detection system.
08-24-2007 08:32 AM
08-24-2007 09:50 AM
There are tools that will correlate firewall logs, if that's what you mean. To get you going, there's Cisco's own SIM product, MARS.
There's the open source OSSIM: http://www.ossim.net/.
08-24-2007 11:33 AM
Intellitactics NSM will cross correlate many device types including routers, firewalls, & sensors:
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: