Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

pointing IPS/IDS sensors to a 3rd party

Hey guys, this is probably a simple question but for some reason I can't find a simple answer.

I'm testing out a Juniper STRM 2500 box and need to point my 4 IDS/IPS sensors to it so it can collect the data and so on. Is there a command to forward events onto the 3rd party device or do I simply set the logging (syslog type) to send to the juniper box.

Thanks in advance.

3 REPLIES
Gold

Re: pointing IPS/IDS sensors to a 3rd party

Unless the Juniper STRM can act as an SDEE client (some SIMs can), you'll have to enable the SNMP action on each signature you wish to have report and point your SNMP traps at the Juniper STRM IP address.

New Member

Re: pointing IPS/IDS sensors to a 3rd party

The STRM Juniper box does do SDEE but how do you configure SDEE on the 4215 sensor? It does give the option for a 3rd party interface but it seems more like it wants to receive information and not send it. Any tips would help.

Gold

Re: pointing IPS/IDS sensors to a 3rd party

The sensor is an SDEE server, configure the sensor to allow the STRM's IP address and give the sensor login/password to your STRM box and let STRM connect to the sensor.

The STRM box will have to request the event data from the sensor.

255
Views
5
Helpful
3
Replies
CreatePlease login to create content