×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Device Manager for IPS on Cisco Security Manager

Unanswered Question
Jan 4th, 2009
User Badges:

Hi all,



We use a CSM ver 3.2.

We'd like to open device manager for IPS from CSM and we've got th following error.



"sensor minor version is newer than supported version"


and we cannot open the device manager;


Could anyone help?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
sachinraja Mon, 01/05/2009 - 12:39
User Badges:
  • Red, 2250 points or more

Hello Hari


which version of IPS are you running? The CSM 3.2 supports IPS version 5.1, 6.0 and sub-versions of these mainline OS.. Have a look at the CSM 3.2 hardware/software support matrix:


http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/3.2/compatibility/information/csmsdt32.html


Compatibility matrix overall for all versions of CSM:


http://www.cisco.com/en/US/products/ps6498/products_device_support_tables_list.html


Hope this helps.. all the best...


Raj

harinirina Mon, 01/05/2009 - 22:20
User Badges:

Hi,



here is the show ver of the IPS, it's a module on 6500.



Cisco Intrusion Prevention System, Version 6.1(1)E1


Host:

Realm Keys key1.0

Signature Definition:

Signature Update S329.0 2008-04-16

Virus Update V1.2 2005-11-24

OS Version: 2.4.30-IDS-smp-bigphys

Platform: WS-SVC-IDSM-2

No license present

Sensor up-time is 1:21.

Using 1399341056 out of 1983504384 bytes of available memory (70% usage)

system is using 17.7M out of 29.0M bytes of available disk space (61% usage)

application-data is using 34.8M out of 166.8M bytes of available disk space (22% usage)

boot is using 40.5M out of 68.6M bytes of available disk space (62% usage)

application-log is using 529.0M out of 2.8G bytes of available disk space (20% usage)



MainApp M-2008_APR_24_19_16 (Release) 2008-04-24T19:49:05-0500 Running

AnalysisEngine M-2008_APR_24_19_16 (Release) 2008-04-24T19:49:05-0500 Running

CLI M-2008_APR_24_19_16 (Release) 2008-04-24T19:49:05-0500


Upgrade History:


IPS-K9-6.1-1-E1 19:16:00 UTC Thu Apr 24 2008

Maintenance Partition Version 2.1(3)


Recovery Partition Version 1.1 - 6.1(1)E1




The version of CSM is 3.2.1.



Does the CSM support the IOS running on the IPS?

sachinraja Tue, 01/06/2009 - 06:33
User Badges:
  • Red, 2250 points or more

This is what the compatibility matrix says:


IPS sensors and modules-IPS Software 5.1 and 6.0. You can also use IPS Software 6.1, but it is treated as 6.0. Features unique to 6.1 are not supported.




--------------------------------------------------------------------------------


Note IPS signature updates are supported only on IPS Software 5.1(5)E1 and later.


It supports IDS module on 6500, and also 6.1 software, but it takes only 6.0 features !


Hope this helps..


Raj

harinirina Tue, 01/06/2009 - 08:21
User Badges:

Hi Raj,



We cannot even open IDM. When continueing to load IDSM, we got the message "fail to load sensor - null).


Also, we cannot launch IPS Event Viewer. it doesn't load fully.


The IDSM is configured with basic config for the moment (IP adress and gateway, ACL permitting CSM to discover the IDSM module).


What should we do so we can monitor IPS from CSM?


sachinraja Tue, 01/06/2009 - 08:27
User Badges:
  • Red, 2250 points or more

Hello Hari


Did you check this document, on how to add IPS to CSM ?


http://www.cisco.com/en/US/products/ps6498/products_tech_note09186a0080846d67.shtml


if the IPS is added right, and IPS gives access to CSM to pull reports, it should work fine.. just check for the "allowed host" parameter on the IPS.. From the CSM, first try to launch normal IDS device manager through https.. See if there is access to IDS event viewer from CSM IP address.. If this doesnt work by itself, there is some issue in the IDS config or browser settings, java, applet etc..


If this works, then the settings on IDS should be fine.. we then need to concentrate on troubleshooting CSM.. the doc given, has basic configs and troubleshooting steps..


Hope this helps.. all the best..


Raj

harinirina Wed, 01/07/2009 - 01:11
User Badges:

Hi Raj,


IDSM is already added to CSM.


We tried to launch IDM using web browser, it works fine.


The problem appears only when launching it from CSM.


More help is really appreciated.

harinirina Thu, 01/08/2009 - 07:00
User Badges:

Hi Raj,


We have upgraded CSM version. we can now launch IDM and IPS Event Viewer.


Thanks for your help.

sachinraja Thu, 01/08/2009 - 07:22
User Badges:
  • Red, 2250 points or more

hey.. thats cool.. all the best...


RAj

Actions

This Discussion