07-23-2007 11:30 AM - edited 03-10-2019 03:42 AM
I understand there is IOS that contains security signatures that can send syslog messages back to MARS for signatures alerts. Are these signatures in IP Base or is there another train required? I tried doing the software advisor tool but couldn't find anything. Thanks!
Mike.
Solved! Go to Solution.
07-24-2007 10:25 AM
You do not get the IDS/IPS features in the IP Base IOS. The feature you're looking for is IDS and/or IPS. It is included in the Enhanced Security and FW/IDS IOS releases. Please note there are significant changes between pre and post 12.4.11T IOS releases (mostly the diference between ver 4.x and ver 5.x signatures).
If you want reporting data fed into CSM, you will get more data fields if the signature event stream is SDEE rather than Syslog.
07-24-2007 10:25 AM
You do not get the IDS/IPS features in the IP Base IOS. The feature you're looking for is IDS and/or IPS. It is included in the Enhanced Security and FW/IDS IOS releases. Please note there are significant changes between pre and post 12.4.11T IOS releases (mostly the diference between ver 4.x and ver 5.x signatures).
If you want reporting data fed into CSM, you will get more data fields if the signature event stream is SDEE rather than Syslog.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: