Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
275
Views
0
Helpful
3
Replies

CSPM & CiscoWorks

igor.lib
Level 1
Level 1

‎01-24-2003 06:40 AM - edited ‎03-09-2019 01:50 AM

Hi guys!

My company wants to deploy a Intrusion Detection System. We've already got a Management Platform (CiscoWorks), and I'd like to know if Cisco Security Policy Manager (CSPM) (the IDS Management Console) allows to "send" alerts toward CiscoWorks (central management console).

Which version (of CiscoWorks) I need?

How can the alerts be aggregated?

etc...

thanks alot ;-)

Igor Lib

Labels:
0 Helpful
3 Replies 3

r-simpson
Level 3
Level 3

‎01-30-2003 07:44 AM

If you are planning to buy CSPM, you can buy the VMS instead which has the CSPM inbuilt, for more information take a look at the below URL

http://www.cisco.com/en/US/products/sw/cscowork/ps2330/prod_bulletin09186a00800e689a.html

0 Helpful

marcabal
Cisco Employee
Cisco Employee

‎01-30-2003 11:13 AM

You want to purchase the Cisco Works VPN and Security Management Solution (CW VMS) v2.1:

http://www.cisco.com/en/US/products/sw/cscowork/ps2330/index.html

This is a collection of security management tools sold under a single product name and price.

The CW VMS collection of tools contain 2 new tools for managing Cisco's network IDS sensors:

Management Center for IDS (IDS MC) - which is used to configure the sensors

and

Monitoring Center for Security (SecMon) - which is used for viewing IDS alarms

Both IDS MC and SecMon are web based and were created to fit directly into the Cisco Works 2000 framework.

NOTE: CSPM 2.3.1i is also included in CW VMS for managing IDS sensors, but the new IDS MC and SecMon were created to replace CSPM 2.3.1i. CSPM2.3.1i is still shippping to support users who have not yet made the switch from CSPM to IDS MC and SecMon.

SecMon would be the main tool used for viewing the IDS alarms.

SecMon can be used for generating email alerts for specific IDS alarms, or executing user defined scrypts.

I am not sure if SecMon can forward the IDS alarms to other Cisco Works tools (I am not sure what the central management console is that you mention). You would need to read through the SecMon documentation to see what integration exists between SecMon and the other Cisco Works management tools.

SecMon also has some functionality for aggregating alarms from the IDS sensors, but you would need to read the SecMon documentation to see to what extent the aggregation is done.

0 Helpful

igor.lib
Level 1
Level 1
In response to marcabal

‎01-31-2003 12:14 AM

Ok, thanks for the answer!

see you! ;-)

Igor Lib

0 Helpful
Customers Also Viewed These Support Documents