My company wants to deploy a Intrusion Detection System. We've already got a Management Platform (CiscoWorks), and I'd like to know if Cisco Security Policy Manager (CSPM) (the IDS Management Console) allows to "send" alerts toward CiscoWorks (central management console).
This is a collection of security management tools sold under a single product name and price.
The CW VMS collection of tools contain 2 new tools for managing Cisco's network IDS sensors:
Management Center for IDS (IDS MC) - which is used to configure the sensors
Monitoring Center for Security (SecMon) - which is used for viewing IDS alarms
Both IDS MC and SecMon are web based and were created to fit directly into the Cisco Works 2000 framework.
NOTE: CSPM 2.3.1i is also included in CW VMS for managing IDS sensors, but the new IDS MC and SecMon were created to replace CSPM 2.3.1i. CSPM2.3.1i is still shippping to support users who have not yet made the switch from CSPM to IDS MC and SecMon.
SecMon would be the main tool used for viewing the IDS alarms.
SecMon can be used for generating email alerts for specific IDS alarms, or executing user defined scrypts.
I am not sure if SecMon can forward the IDS alarms to other Cisco Works tools (I am not sure what the central management console is that you mention). You would need to read through the SecMon documentation to see what integration exists between SecMon and the other Cisco Works management tools.
SecMon also has some functionality for aggregating alarms from the IDS sensors, but you would need to read the SecMon documentation to see to what extent the aggregation is done.
RADIUS and Symantec VIP.
I will use screenshots of ASDM, and at the end I will add the required CLI commands. the diagram below show a diagram of the steps the FW goes through when using 2FA authentication:
As you can see in Fig. 1&nbs...
Unable to get signature update from cisco.com
1. Make sure the router can get name resolution. Configure the router with a proper DNS name server.
ISR4451#utd threat-inspection signature update server cisco username xxxxx password yyyyy