Where can I find a listing of the threats that are mitigated by the ICS Sensor 5.1. We are evaluating the product, and one primary need is spyware/adware blocking. I know it lists spyware/adware as one of the 'anti-x', but there are no "details" to be had. Has anyone installed and configured this? Thanks.
Solved! Go to Solution.
When you say "sensor" I guess you're talking about the Cisco network-based IPS appliance? It isn't going to do a good job of preventing spyware/adware. If that's a primary requirement, then I would suggest looking at either network-proxy solutions (like WebWasher or Bluecoat) or host-based IPS solutions, like Cisco's own Cisco security agent.
Thanks. That's what I thought but could not find definitive information. We do have the IPS appliance and want to implement. One of the requirements of our security posture is spyware/adware. A member of the team read that one of the fetaures of IPS appliance was spyware/adware blocking. We currently have host based solutions, but wanted to mitigate the spyware as much as possible prior to hitting the desktop. Thanks again for your reply.
Hi, the IPS 5.0 has trendmicro signatures to prevent worms and networks virus in to the lan. The csm module for ASA is other solution to put in the internet gateway like a proxy.
What you're talking about is a separate product called ICS (see: http://www.cisco.com/en/US/products/ps6542/products_data_sheet0900aecd8033185b.html).
For a technical review see:
The product does not appear to be designed to prevent spyware and adware. In fact, it doesn't even appear to stop worms and virii unless they are NEW and of significant status.
I am in a similar situation. Does anyone know where there might be a list of signatures included in the distribution and which ones are enabled by default. I could get them out of our sensors, but I am trying to get a paper done in a hurry to submit to my customer on the 4250 sensors we use.