Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

IDS,ASA,PIX firewall monitoring and optimizing

Dear All,

Please let me know the products from Cisco to monitor and optimize the IDS, ASA, PIX firewall in the data centre and corporate networking environment.

I believe that VMS 2.3 can be used.I like to know about the CS-MARS product from Cisco and its usage.

Thanking you

Swamy

  • Intrusion Prevention Systems/IDS
4 REPLIES

Re: IDS,ASA,PIX firewall monitoring and optimizing

Hi,

CS-MARS is a security product that mainly used to analyse, correlates and produce/recommed mitigation action based on the log analysis.

You need to send your syslog, snmp or NetFlow to CS-MARS from all/selected network devices in the network to enable it to have visibility of the network activities. It has built-in signatures or rules that trigger incidents, and allows you can create your own rule to monitor certain segment or devices. Notification is available in the form of email, sms, pager, snmp and syslog.

CS-MARS does not replace the function of IDS/IPS or antivirus, but as a critical security complimentary product to allow you to stop any detected malicious incidents/activities from a nearest point, e.g shutting down switch port where a PC is detected trying to launch network attack, virus or trojans. The concept more or less similar to 'Forward Defense' used by certain country today.

http://www.cisco.com/en/US/partner/products/ps6241/products_data_sheet0900aecd80272e64.html

CS-MARS is measured by its capabilities to handle received Event and Netflow logs per second. This include the HDD capacity. You can have single unit (Local Controller) or multiple unit that centrally managed by Global Controller.

CS-MARS support wide range of networking and security products.

http://www.cisco.com/en/US/partner/products/ps6241/products_device_support_tables_list.html

Rgds,

AK

New Member

Re: IDS,ASA,PIX firewall monitoring and optimizing

Dear Kiprawih,

Thank you for your useful information. I wants to know the centralized monitoring and Management software or the device for IDS/PIX/ASA5500.

I am waiting for your information.

Thnaks

swamy

Re: IDS,ASA,PIX firewall monitoring and optimizing

Hi,

There is a new security management product called Cisco Security Manager (3.0). It's a part of Cisco Security Management Suite (combined with CS-MARS).

This tool will replace the role of Cisco VMS 2.3, as recommended by Cisco in:

http://www.cisco.com/en/US/partner/products/sw/cscowork/ps2330/index.html

This Cisco Security Manager (3.0) is a scalable deployment and management tool. Among its functions/benefits/features are facilitating the provisioning of VPN, Firewall and IPS, as well as provide integrated management, operational and health/performance monitoring.

The supported devices are:

* Cisco PIX Security Appliances

* Cisco ASA 5500 Series Adaptive Security Appliances

* Cisco IPS 4200 Series Sensors

* Cisco Catalyst 6500 Series Firewall Services Module

* Cisco Catalyst 6500 Series VPN Services Module

* Cisco Catalyst 6500 Series IDSM2

* Cisco Catalyst 6500 Series IPS Services Modules

* Cisco IOS IPS Router Sensor Modules

* Cisco Integrated Services Routers

More details on Cisco Security Manager (3.0) is availabe at:

http://www.cisco.com/en/US/partner/products/ps6498/products_data_sheet0900aecd803ffd5c.html

Rgds,

AK

New Member

Re: IDS,ASA,PIX firewall monitoring and optimizing

Thank you very much for your information.

Swamy

281
Views
9
Helpful
4
Replies