Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Can the IDS Adds a rule in the Netscreen Firewall

We are about to deploy IDS 4215. As we saw in the IDS presentation, the IDS will detect hacking attempts after that it will add a rule in the firewall to restrict it from further access.

Fine, this is valid if we are deploying Cisco Pix Firewall, unfortunately we have Netscreen Firewall 50! Can you please let us know the compatibility between Cisco IDS and Netscreen Firewall?

I mean how can we go around this?, I am interested to get Cisco IDS at the same time I do not want to stuck when I start doing the configuration.

Thanks,

Ismail Al-shelh

1 REPLY
Cisco Employee

Re: Can the IDS Adds a rule in the Netscreen Firewall

The Cisco IDS Sensors only have the ability to apply rules a few other Cisco devices (Pix Firewall, Cat 6500 switches, and several Cisco Routers).

It does not have the ability to apply rules on Firewalls and Routers from other companies.

To automatically create rules on the other devices you would have to write your own script/program to login to the device and add the rule.

The Security Monitor (alarm viewing tool in VMS) has the ability to automatically launch scripts/programs when specific alarms are seen and pass information contained in the alarm to the script.

So you would configure Security Monitor to start your script/program and pass it the alarm information. Your script/programs would parse the alarm information and send what ever rule is necessary to the device being reconfigured.

79
Views
0
Helpful
1
Replies
CreatePlease login to create content