New Member

IDS selection?

Hello All,

In fact I am a Linux guy, somehow pulled to select Cisco hardware for our data centre, that is the reason for asking a silly question :) but you have to bear it, heh

In fact we are planning to have a PIX 515 for our data centre. Is it possible to configure the PIX as an IDS as well, or do we have to buy separate IDS hardware? If we have to buy separate hardware, then what is the recommended hardware?

thanks

4 REPLIES
Hall of Fame Super Silver

Re: IDS selection?

Nayyar

If you are purchasing equipment for the data centre and get a PIX 515 then you would need additional hardware for IDS. And the PIX is relatively old technology at this point. Cisco has introduced a new product line the ASA5500 which strategically will be the replacement product for PIX. You can get an ASA5510 which has an IDS module as part of the equipment which will perform better than the PIX and probably cost less than the PIX plus an IDS.

My suggestion to you is to look into the ASA5500 products as the equipment for your data centre.

HTH

Rick

New Member

Re: IDS selection?

To follow up, even though the 515 has an IDS function, or is that just part of the Java module for the PDM?

I had read that you can enable IDS with the IP audit command in the CLI. In the PDM the options on the policy to interface mappings have none in the drop down menus. TIA

Cisco Employee

Re: IDS selection?

Are you looking for extensive IDS/IPS functionality? If not, then yes, you may certainly go for the PIX 515 "E"...

There are just 50 signatures supported by the PIX FW.

In order to be able to add some signatures to the PIX FW you can use the IP audit command. Please follow this URL for more information about this command:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/gl.htm#wp1101884

Note that not all the signatures are supported on the PIXOS code. Below is the list of supported signatures:

http://www.ciscotaccc.com/kaidara-advisor/security/showcase?case=K93520960

Support for all IDS signatures is only available for IDS sensors.

Regarding the new FW family 'ASA', here is a link where you can find some useful information about it:

http://www.cisco.com/en/US/customer/products/ps6120/index.html

So now decide if you wanna save the money or save the network..:-)

New Member

Re: IDS selection?

Looking for at least some IDS functionality since we already have a 515E UR PIX. Is the IDS feature CLI only? The PDM doesn't seem to be helpful.

Would Snort be a better option? thanks.
