Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Logging and Reviewing Firewall Logs

Is there a heuristic for setting up an intrusion detection system with a Cisco ISR? We would like to utilize our firewall logs for an intrusion detection system.

3 REPLIES
Silver
Gold

Re: Logging and Reviewing Firewall Logs

There are tools that will correlate firewall logs, if that's what you mean. To get you going, there's Cisco's own SIM product, MARS.

http://www.cisco.com/go/mars

There's the open source OSSIM: http://www.ossim.net/.

Silver

Re: Logging and Reviewing Firewall Logs

Intellitactics NSM will cross correlate many device types including routers, firewalls, & sensors:

http://www.intellitactics.com/int/

150
Views
0
Helpful
3
Replies
CreatePlease to create content