I have several questions for you experts out there and am praying someone can give me some answers. First of all, my company gave me 3 IDSM sensors to install in our main office and two remote branches. I have one server to use as the Director. I have to some how connect the two remote IDSM's to a centralized director over the internet. So my questions are:
1. is this possible? I read somewhere you can use IPSec to connect a remote sensor to a centralized director over the internet. Can and how do you do this?
2. Where do I find more information on configuring and installing these components. I am under the impression that you first configure CSPM on a server, install your IDSM into your switch, connect your server to the command and control port, configure your IDSM, and you should have communication.
3. I am confused about the different versions out there. Is the sensor ver 3.0 and the CSPM ver 2.3.3? I know you are all probably laughing your butts off but I am sitting in a mound of software trying to figure out what is going on.
4. Feel free to add anything I may have missed. Thank you very much for your time.
To upgrade your sensor to 3, you need to first do the upgrade to 2.5, assuming you have 2.2.3.
2.5 is not located on CCO. I have the NFR subscription to have access to CSPM, but my sensor is stuck at 2.2.3 for now, kind of dissapointing to learn on a sensor with old software. I hope Cisco changes their mind and allows 2.5 for download. (You are unable to upgrade directly to 3 according to the documentation). At least allow the download for those that have purchesed the NFR subscription to the Cisco Secure products.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...