Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

CSPM & CiscoWorks

Hi guys!

My company wants to deploy a Intrusion Detection System. We've already got a Management Platform (CiscoWorks), and I'd like to know if Cisco Security Policy Manager (CSPM) (the IDS Management Console) allows to "send" alerts toward CiscoWorks (central management console).

Which version (of CiscoWorks) I need?

How can the alerts be aggregated?

etc...

thanks alot ;-)

Igor Lib

3 REPLIES
New Member

Re: CSPM & CiscoWorks

If you are planning to buy CSPM, you can buy the VMS instead which has the CSPM inbuilt, for more information take a look at the below URL

http://www.cisco.com/en/US/products/sw/cscowork/ps2330/prod_bulletin09186a00800e689a.html

Cisco Employee

Re: CSPM & CiscoWorks

You want to purchase the Cisco Works VPN and Security Management Solution (CW VMS) v2.1:

http://www.cisco.com/en/US/products/sw/cscowork/ps2330/index.html

This is a collection of security management tools sold under a single product name and price.

The CW VMS collection of tools contain 2 new tools for managing Cisco's network IDS sensors:

Management Center for IDS (IDS MC) - which is used to configure the sensors

and

Monitoring Center for Security (SecMon) - which is used for viewing IDS alarms

Both IDS MC and SecMon are web based and were created to fit directly into the Cisco Works 2000 framework.

NOTE: CSPM 2.3.1i is also included in CW VMS for managing IDS sensors, but the new IDS MC and SecMon were created to replace CSPM 2.3.1i. CSPM2.3.1i is still shippping to support users who have not yet made the switch from CSPM to IDS MC and SecMon.

SecMon would be the main tool used for viewing the IDS alarms.

SecMon can be used for generating email alerts for specific IDS alarms, or executing user defined scrypts.

I am not sure if SecMon can forward the IDS alarms to other Cisco Works tools (I am not sure what the central management console is that you mention). You would need to read through the SecMon documentation to see what integration exists between SecMon and the other Cisco Works management tools.

SecMon also has some functionality for aggregating alarms from the IDS sensors, but you would need to read the SecMon documentation to see to what extent the aggregation is done.

New Member

Re: CSPM & CiscoWorks

Ok, thanks for the answer!

see you! ;-)

Igor Lib

82
Views
0
Helpful
3
Replies