Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Desperate Rookie

I have several questions for you experts out there and am praying someone can give me some answers. First of all, my company gave me 3 IDSM sensors to install in our main office and two remote branches. I have one server to use as the Director. I have to some how connect the two remote IDSM's to a centralized director over the internet. So my questions are:

1. is this possible? I read somewhere you can use IPSec to connect a remote sensor to a centralized director over the internet. Can and how do you do this?

2. Where do I find more information on configuring and installing these components. I am under the impression that you first configure CSPM on a server, install your IDSM into your switch, connect your server to the command and control port, configure your IDSM, and you should have communication.

3. I am confused about the different versions out there. Is the sensor ver 3.0 and the CSPM ver 2.3.3? I know you are all probably laughing your butts off but I am sitting in a mound of software trying to figure out what is going on.

4. Feel free to add anything I may have missed. Thank you very much for your time.

6 REPLIES
Community Member

Re: Desperate Rookie

hi mate !!!

Curently IPSEC is only supported between the Director

and the 4210&4230 Sensors

IPSEC is not supported on the IDSM.

Sit the CSIDS 3 day course or buy the tranning book

CSIDS , it's really good and covers everything.

I'm not trying to be smart here, but there is a lot of issues you need to be aware of , so you need some kind of training either sit the course or get the Training kit

good luck

chers

per

Community Member

Re: Desperate Rookie

Thank you perbo. My boss will never spring for a IDS class. So it looks like I'm on my own. Is there any other message boards you know of that I can go to to pick up some tips?

Cisco Employee

Re: Desperate Rookie

Wade,

It might be beneficial to check out this link to a request on this board for introductory IDS info:

The topic is "beginner" and was last updated on Feb 7.

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.ee78e9f%2F0

Ward.

Cisco Employee

Re: Desperate Rookie

In response to your 3rd question about versions.

The latest CSPM version that manages IDS is 2.3.3i with S18 signatures.

To get to the latest you simply need to load 2.3.3i.

Then install the S18 signatures by following the instructions in the readme file.

The latest IDSM version is 3.0(3)S13.

To get to the latest you need to install the 3.0(1)S4 Cab files.

Then install the 3.0(3)S10 Service Pack.

Then install the 3.0(3)S13 Signature Update.

Refer to the release notes and readme files for installation instructions.

Check this web page to find these files:

http://www.cisco.com/kobayashi/sw-center/ciscosecure/ids/crypto/

Community Member

Re: Desperate Rookie

To upgrade your sensor to 3, you need to first do the upgrade to 2.5, assuming you have 2.2.3.

2.5 is not located on CCO. I have the NFR subscription to have access to CSPM, but my sensor is stuck at 2.2.3 for now, kind of dissapointing to learn on a sensor with old software. I hope Cisco changes their mind and allows 2.5 for download. (You are unable to upgrade directly to 3 according to the documentation). At least allow the download for those that have purchesed the NFR subscription to the Cisco Secure products.

-Denny

Community Member

Re: Desperate Rookie

Thank you Denny.

131
Views
0
Helpful
6
Replies
CreatePlease to create content