I have confirmed that all sensors will be under IPS contracts.
As for CS MARS/CSM vs VMS... is VMS still available for sale? We are looking into a third-party monitoring solution that claims to require we run Cisco VMS 2.3. I haven't checked with them yet if they'll support CS MARS.
However, I'd definitely go for the CSM/MARS combo if I had the choice based on the following quote:
"Cisco is not adding support for additional features and new devices in CiscoWorks VMS. Customers that require provisioning for Cisco firewalls, VPN's, and Intrusion Prevention Systems (IPS) should consider the successor product Cisco Security Manager."
By new major/minor versions of IPS do you mean within 5.x, like 5.1(4) or 5.2? Or do you mean 6.0?
I know the new IPS devices like the ASA's SSM IPS cards are not (and will never be) supported in VMS. How much life can I expect to get out of my existing VMS platform, assuming I keep my existing sensors?
I had plans on using my VMS 2.3 throughout most of next year. It gets a little tiring when Cisco forces a management platform change every 2 years.
It has the same major.minor as existing 5.1 sensors.
So 5.1(4) would continue to be supported by VMS 2.3.
Even later 5.1(5), 5.1(6), etc... Service Packs would continue to be supported by VMS 2.3.
However 5.2 would be a change in minor version. The .2 is a minor version upgrade.
The VMS 2.3 would not have configuration options for the new features and so would not be able to support a 5.2 sensor.
But this really isn't an issue. No plans in place for a 5.2 release.
Similarly 6.0 would be a change in major version. And so VMS 2.3 would not be able to support 6.0.
The EOS/EOL for VMS 2.3 has not yet been posted. So I would not expect the End of Support for VMS 2.3 for at least another year or more.
From an IPS perspective, the VMS support timeframe will likely be tied to how long signature updates will be provided for the IPS 5.1 versions.
There won't be a 5.2 release (6.0 is next), so let's talk of the effect that a 6.0 release would have on 5.1 signature updates.
So for a Major 6.0 Release the End Of Signature Support policy states:
"For major-to-major releases (e.g., Version "A".x to Version "B".y, where "A" and "B" are consecutive version #s): Minimum of eighteen (18) months of signature release support after the end-of-sale announcement of that older software release."
So at this point in time you will have a minimum of 18 more months of 5.1 sig support, after the release of 6.0.
So my best guess is that when a VMS 2.3 EOS/EOL policy does come out it will probably state support for at least the additional 18 months that 5.1 signatures are being supported.
So if you are already running VMS 2.3, and are not in a rush to get IPS 6.0 when it releases, then you will probably be fine staying on IPS 5.1 and VMS 2.3 through most if not all of next year and part of the year after that.
BUT if you are a first time user, then I would suggest starting with CSM now.
Since I only have three sensors, I could also start with the free IDM (IPS Device Manager) correct? And free event viewer? I'll probably go with CSM and CS MARS in the long term, but to get me started, I'd like to begin with free tools.