Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Cisoc IPS Sensor 5.1

Where can I find a listing of the threats that are mitigated by the ICS Sensor 5.1. We are evaluating the product, and one primary need is spyware/adware blocking. I know it lists spyware/adware as one of the 'anti-x', but there are no "details" to be had. Has anyone installed and configured this? Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
Community Member

Re: Cisoc IPS Sensor 5.1

There is always the ASA5510 or 5520 appliances with the CSC module that does anti-x (where x= spam, virus, spyware). THe problem with these devices is that you cannot do IPS and Anti-x at the same time. Each one is a seperate module.

10 REPLIES
Gold

Re: Cisoc IPS Sensor 5.1

When you say "sensor" I guess you're talking about the Cisco network-based IPS appliance? It isn't going to do a good job of preventing spyware/adware. If that's a primary requirement, then I would suggest looking at either network-proxy solutions (like WebWasher or Bluecoat) or host-based IPS solutions, like Cisco's own Cisco security agent.

Community Member

Re: Cisoc IPS Sensor 5.1

Thanks. That's what I thought but could not find definitive information. We do have the IPS appliance and want to implement. One of the requirements of our security posture is spyware/adware. A member of the team read that one of the fetaures of IPS appliance was spyware/adware blocking. We currently have host based solutions, but wanted to mitigate the spyware as much as possible prior to hitting the desktop. Thanks again for your reply.

Community Member

Re: Cisoc IPS Sensor 5.1

There is always the ASA5510 or 5520 appliances with the CSC module that does anti-x (where x= spam, virus, spyware). THe problem with these devices is that you cannot do IPS and Anti-x at the same time. Each one is a seperate module.

Community Member

Re: Cisoc IPS Sensor 5.1

Thanks for the response. We are actually going to evaluate other solutions.

Community Member

Re: Cisoc IPS Sensor 5.1

Hi, the IPS 5.0 has trendmicro signatures to prevent worms and networks virus in to the lan. The csm module for ASA is other solution to put in the internet gateway like a proxy.

Take care.

Gold

Re: Cisoc IPS Sensor 5.1

What you're talking about is a separate product called ICS (see: http://www.cisco.com/en/US/products/ps6542/products_data_sheet0900aecd8033185b.html).

For a technical review see:

http://www.cisco.com/en/US/products/ps6542/products_white_paper0900aecd8033186b.shtml

The product does not appear to be designed to prevent spyware and adware. In fact, it doesn't even appear to stop worms and virii unless they are NEW and of significant status.

Community Member

Re: Cisoc IPS Sensor 5.1

I am in a similar situation. Does anyone know where there might be a list of signatures included in the distribution and which ones are enabled by default. I could get them out of our sensors, but I am trying to get a paper done in a hurry to submit to my customer on the 4250 sensors we use.

Gold

Re: Cisoc IPS Sensor 5.1

5.1(2)S246.0.

Gold

Re: Cisoc IPS Sensor 5.1

5.1(2)S246.0.

Community Member

Re: Cisoc IPS Sensor 5.1

Thank you.

324
Views
9
Helpful
10
Replies
CreatePlease to create content