Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
306
Views
0
Helpful
2
Replies

CSIDS Director for NT?

Go to solution
r-lemaster
Level 1
Level 1

‎08-20-2003 02:35 AM - edited ‎03-09-2019 04:29 AM

Has Cisco come out with a version of CSIDS Director for NT yet? Does it require HP Openview?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
marcabal
Cisco Employee
Cisco Employee

‎08-20-2003 07:54 AM

The CSIDS Director was originally built for Solaris and HPUX and required OpenView for monitoring of the alarms.

A few years ago the Cisco Secure Policy Manager (CSPM) had screens added to it so that it could configure and view alarms from Cisco IDS Sensors. CSPM was orignally built for managing firewalls, and had the IDS screens added to it. CSPM was designed to run on Windows NT.

(NOTE: CSPM does not require HP OpenView, it has it's own built in alarm viewer)

Recently (past year or so) both the CSIDS Unix Director and the Windows based CSPM are being replaced with 2 new web based tools.

IDS Management Center (IDS MC) is a web based tool for the configuring of Cisco IDS Sensors.

Security Monitor (SecMon) is a web based tool for viewing alerts generated by Cisco IDS Sensors.

IDS MC and SecMon are 2 of several other security mangement tool that have been grouped together in VMS (Cisco Works VPN and Security Management Solution).

IDS MC and SecMon were orignally built to run on Windows 2000, but have also recently been ported to Solaris.

These tools, the associates VMS web servers and other support tools are loaded on a central server (either Windows 2000 or Solaris), and can then be accessed remotely through a web browser on your own personal desktop machine.

(NOTE: SecMon does not rely on HP OpenView. It has it's own alarm viewer that the user accesses by web browsing to SecMon's web server)

SIDE NOTE:

CSIDS Unix Director and Windows based CSPM were originally built to manage the version 3.x Cisco Sensors. They are not being upgraded to work with the newer version 4.x sensors.

IDS MC and SecMon are built to be backward compatible with the older version 3.x sensors, and will also work with the newer version 4.x sensors.

All users are encouraged to migrate from CSIDS Unix Director and CSPM to IDS MC and SecMon.

-------------

Small side note:

Unix Director, CSPM, IDS MC, and SecMon were all designed for the enterprise deployments of numerous sensors.

If you are a small shop with only a few sensors you may consider using the inexpensive IDM and IEV instead.

IDM is the Intrusion Detection Device Manager and is a web based configuration tool that runs directly from a web browser on the sensor itself so no additional installation is needed by the user.

IEV is the Intrusion Detection Event Viewer and is a Windows Application that can be installed on Windows NT or Windows 2000.

IDM is included as part of the sensor software at no additional cost.

IEV can be downloaded from CCO at no additional cost for users with support contracts.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
marcabal
Cisco Employee
Cisco Employee

‎08-20-2003 07:54 AM

The CSIDS Director was originally built for Solaris and HPUX and required OpenView for monitoring of the alarms.

A few years ago the Cisco Secure Policy Manager (CSPM) had screens added to it so that it could configure and view alarms from Cisco IDS Sensors. CSPM was orignally built for managing firewalls, and had the IDS screens added to it. CSPM was designed to run on Windows NT.

(NOTE: CSPM does not require HP OpenView, it has it's own built in alarm viewer)

Recently (past year or so) both the CSIDS Unix Director and the Windows based CSPM are being replaced with 2 new web based tools.

IDS Management Center (IDS MC) is a web based tool for the configuring of Cisco IDS Sensors.

Security Monitor (SecMon) is a web based tool for viewing alerts generated by Cisco IDS Sensors.

IDS MC and SecMon are 2 of several other security mangement tool that have been grouped together in VMS (Cisco Works VPN and Security Management Solution).

IDS MC and SecMon were orignally built to run on Windows 2000, but have also recently been ported to Solaris.

These tools, the associates VMS web servers and other support tools are loaded on a central server (either Windows 2000 or Solaris), and can then be accessed remotely through a web browser on your own personal desktop machine.

(NOTE: SecMon does not rely on HP OpenView. It has it's own alarm viewer that the user accesses by web browsing to SecMon's web server)

SIDE NOTE:

CSIDS Unix Director and Windows based CSPM were originally built to manage the version 3.x Cisco Sensors. They are not being upgraded to work with the newer version 4.x sensors.

IDS MC and SecMon are built to be backward compatible with the older version 3.x sensors, and will also work with the newer version 4.x sensors.

All users are encouraged to migrate from CSIDS Unix Director and CSPM to IDS MC and SecMon.

-------------

Small side note:

Unix Director, CSPM, IDS MC, and SecMon were all designed for the enterprise deployments of numerous sensors.

If you are a small shop with only a few sensors you may consider using the inexpensive IDM and IEV instead.

IDM is the Intrusion Detection Device Manager and is a web based configuration tool that runs directly from a web browser on the sensor itself so no additional installation is needed by the user.

IEV is the Intrusion Detection Event Viewer and is a Windows Application that can be installed on Windows NT or Windows 2000.

IDM is included as part of the sensor software at no additional cost.

IEV can be downloaded from CCO at no additional cost for users with support contracts.

0 Helpful

Go to solution
r-lemaster
Level 1
Level 1
In response to marcabal

‎08-20-2003 05:27 PM

Does this mean that CSPM is being phased out and the whole mess will become part of the CiscoWorks suite?

I'm just trying to figgure out what is used for global management for PIX, IDS, & VPN devices.

Are the 3000 series VPN concentrators going to be added to CiscoWorks too?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents