Almost on topic- I have looked at the eval of CSPM, but had to run on Win2k for various reasons, NT is rec. platform, I didnt get to try the CSIDS integration. Has anyone used this combo? Does CSPM replace HPOVNNM? Do the auto hardening (feedback to router ACL/Shun) features work? Im not knocking the OVNNM interface, but we are a service provider that needs to scale to monitor many clients' IDS' and the OV map interface doesn't work well for us. Im hoping CSPM might offer an improved data management component. Of course the other features (VPM mgmt)are valuable as well... -B
Replying to my own post: Would anyone be interested in seeing an Intrusion detection forum here? I have reviewed the Cisco Safe blueprint for secure network architecture, there a *lots* of IDS sensors all over this design, I would really like to know what some others do with the volumes of IDS, syslog, firewall, vpn, other...data that is generated by a huge network like that (and ours).
OK, is ANYONE using Cisco Secure Policy Manager for anything??? VPN, PIX, ? I get to this list by navigating through the security page and clicking Join a "Security" discussion. This forum seems to concentrate mostly on VPN. Is ther a more appropriate place to post than here for perimeter security/IDS subject matter?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...