My company wants to deploy a Intrusion Detection System. We've already got a Management Platform (CiscoWorks), and I'd like to know if Cisco Security Policy Manager (CSPM) (the IDS Management Console) allows to "send" alerts toward CiscoWorks (central management console).
This is a collection of security management tools sold under a single product name and price.
The CW VMS collection of tools contain 2 new tools for managing Cisco's network IDS sensors:
Management Center for IDS (IDS MC) - which is used to configure the sensors
Monitoring Center for Security (SecMon) - which is used for viewing IDS alarms
Both IDS MC and SecMon are web based and were created to fit directly into the Cisco Works 2000 framework.
NOTE: CSPM 2.3.1i is also included in CW VMS for managing IDS sensors, but the new IDS MC and SecMon were created to replace CSPM 2.3.1i. CSPM2.3.1i is still shippping to support users who have not yet made the switch from CSPM to IDS MC and SecMon.
SecMon would be the main tool used for viewing the IDS alarms.
SecMon can be used for generating email alerts for specific IDS alarms, or executing user defined scrypts.
I am not sure if SecMon can forward the IDS alarms to other Cisco Works tools (I am not sure what the central management console is that you mention). You would need to read through the SecMon documentation to see what integration exists between SecMon and the other Cisco Works management tools.
SecMon also has some functionality for aggregating alarms from the IDS sensors, but you would need to read the SecMon documentation to see to what extent the aggregation is done.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...