Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
310
Views
4
Helpful
1
Replies

ISDM Mgmt & Monitoring

a12288
Level 3
Level 3

‎09-20-2007 05:23 AM - edited ‎03-10-2019 03:48 AM

We bought 2 IDSMs, and currently are in the stage of evaluating different Management & Monitoring software, like MARS,Enterasys, etc, and would appreciate your hands-on experience and comments. thanks.

Labels:
0 Helpful
1 Reply 1

hoffa2000
Level 3
Level 3

‎09-25-2007 08:48 AM

Hi

I have two IDSMs online in our two 6513 and one MARS 50 to gather the information. I use the web interface, IDM, supplied with the IDSMs to manage the devices but only use MARS to monitor the dataflow, so far I haven't tuned any signatures on the IDSMs, I let MARS drop the false positives as suggested by the MARS manual.

I have worked alot with Snort and ACID before, although it cannot compare to the IDSM/MARS setup it is the only previous experience I have in security monitoring. I would say the MARS is a great tool for monitoring company wide security events and it helps you declutter the IDS traffic but it doesn't really "manage" the IDSMs as such, for that you might need another tool.

Regards

Fredrik

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card