Hello, Our company has purchased couple of IPS 4240 and they are lying in the lab for couple of days. I started working on them to get a feel of IPS. It has 4.1 Device Manager and looks like the latest is 5.x.
1. I see VMS, IDM(Device Manager, SDM,etc being used several posts and all seem to be used to manage these kind of devices. Is this true?
2. Which is the best of all in the above listed tools?
3. How do I download them? It is asking for CCO acct. I do have a serial number on the back of IPS. Does it help me to create CCO acct? We purchased these from a vendor and not directly from Cisco.
you are right.... IPS can be managed through a VMS, IDM, etc... I guess you should have got a 5 device license for VMS with the 4240 !!! you can install this VMS on a seperate server and use it to manage the IPS.... VMS also gives you additional features like configuration management (for switches/routers), inventory management, syslog management , software management etc... Hence VMS is a comprehensive solution for managing all Cisco devices on your network, including the IPS....
IDM is a GUI designed to manage IPS.. The webserver resides on the sensor itself... Make sure you have java applets on the desktop from which you are accessing IDM.
I feel your pain....the Cisco alphabet soup of management options can be overwhelming.
Since you are a newb, I suggest you skip CiscoWorks VMS for now and start tracking your IDS using Cisco's IDS Event Viewer. It is a simple client side application that will allow you to see what is happening on your IDS.
Then I would suggest you upgrade to the IPS 5.0 version of software. The built-in IDM is tons better than the previous version and gives you much more control and insight into the sensor. The IDS event viewer will still work once you have 5.0 running, but you have to remember to install signature updates to both the sensor and the client IDS viewer.
Finally, you can work on using CiscoWorks VMS. That will require a beefy, dedicated server platform. CiscoWorks includes tons of stuff, but the two things that are useful are Security Monitor and Management Center for IPS. Security Monitor is basiclly the replacement for the IDS event viewer, and MC is another way to manage sensors.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :