Cisco Support
English
Feedback Help
Cisco Support Community
Register
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
wadeski
wadeski
Community Member
‎03-18-2002 12:06 PM
‎03-18-2002 12:06 PM

Desperate Rookie

I have several questions for you experts out there and am praying someone can give me some answers. First of all, my company gave me 3 IDSM sensors to install in our main office and two remote branches. I have one server to use as the Director. I have to some how connect the two remote IDSM's to a centralized director over the internet. So my questions are:

1. is this possible? I read somewhere you can use IPSec to connect a remote sensor to a centralized director over the internet. Can and how do you do this?

2. Where do I find more information on configuring and installing these components. I am under the impression that you first configure CSPM on a server, install your IDSM into your switch, connect your server to the command and control port, configure your IDSM, and you should have communication.

3. I am confused about the different versions out there. Is the sensor ver 3.0 and the CSPM ver 2.3.3? I know you are all probably laughing your butts off but I am sitting in a mound of software trying to figure out what is going on.

4. Feel free to add anything I may have missed. Thank you very much for your time.

0 Helpful
Reply
6 REPLIES
Perbo
Perbo
Community Member
‎03-18-2002 10:09 PM
‎03-18-2002 10:09 PM

Re: Desperate Rookie

hi mate !!!

Curently IPSEC is only supported between the Director

and the 4210&4230 Sensors

IPSEC is not supported on the IDSM.

Sit the CSIDS 3 day course or buy the tranning book

CSIDS , it's really good and covers everything.

I'm not trying to be smart here, but there is a lot of issues you need to be aware of , so you need some kind of training either sit the course or get the Training kit

good luck

chers

per

0 Helpful
Reply
wadeski
wadeski
Community Member
‎03-19-2002 05:13 AM
‎03-19-2002 05:13 AM

Re: Desperate Rookie

Thank you perbo. My boss will never spring for a IDS class. So it looks like I'm on my own. Is there any other message boards you know of that I can go to to pick up some tips?

0 Helpful
Reply
wardwalk
wardwalk Cisco Employee
Cisco Employee
‎03-19-2002 07:11 AM
‎03-19-2002 07:11 AM

Re: Desperate Rookie

Wade,

It might be beneficial to check out this link to a request on this board for introductory IDS info:

The topic is "beginner" and was last updated on Feb 7.

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.ee78e9f%2F0

Ward.

0 Helpful
Reply
marcabal
marcabal Cisco Employee
Cisco Employee
‎03-19-2002 10:20 AM
‎03-19-2002 10:20 AM

Re: Desperate Rookie

In response to your 3rd question about versions.

The latest CSPM version that manages IDS is 2.3.3i with S18 signatures.

To get to the latest you simply need to load 2.3.3i.

Then install the S18 signatures by following the instructions in the readme file.

The latest IDSM version is 3.0(3)S13.

To get to the latest you need to install the 3.0(1)S4 Cab files.

Then install the 3.0(3)S10 Service Pack.

Then install the 3.0(3)S13 Signature Update.

Refer to the release notes and readme files for installation instructions.

Check this web page to find these files:

http://www.cisco.com/kobayashi/sw-center/ciscosecure/ids/crypto/

0 Helpful
Reply
dbobeldyk
dbobeldyk
Community Member
‎03-19-2002 01:24 PM
‎03-19-2002 01:24 PM

Re: Desperate Rookie

To upgrade your sensor to 3, you need to first do the upgrade to 2.5, assuming you have 2.2.3.

2.5 is not located on CCO. I have the NFR subscription to have access to CSPM, but my sensor is stuck at 2.2.3 for now, kind of dissapointing to learn on a sensor with old software. I hope Cisco changes their mind and allows 2.5 for download. (You are unable to upgrade directly to 3 according to the documentation). At least allow the download for those that have purchesed the NFR subscription to the Cisco Secure products.

-Denny

0 Helpful
Reply
wadeski
wadeski
Community Member
‎03-20-2002 05:56 AM
‎03-20-2002 05:56 AM

Re: Desperate Rookie

Thank you Denny.

0 Helpful
Reply
Latest Documents
Snort IPS on ISR, ISRv and CSR - Step-By-Step Configuration
Created by Kureli Sankar on 04-19-2018 11:25 AM
0
0
0
0
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin... view more
Upgrade Chassis Manager (FXOS)
Created by Jeet Kumar on 02-23-2018 02:51 AM
2
15
2
15
    Login to the FXOS chassis manager. Direct your browser to https://hostname/, and log-in using the user-name and password.     Go to Help > About and check the current version:    Check the current version availa... view more
ASA 5506-X with ipv6 no access to internet
Created by Klaxel on 02-08-2018 01:25 AM
3
5
3
5
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6. In Syslog I also se... view more
All Documents
131
Views
0
Helpful
6
Replies
CreatePlease to create content
Discussion
Blog
Document
Video
Popular Blogs
AnyConnect Certificate Based Authentication.
Created by Marvin Ruiz on 08-27-2012 05:20 PM
36
75
36
75
BLOG (No Title)
Created by athukral on 06-14-2011 04:23 AM
15
35
15
35
Wireless Hacking
Created by Anim Saxena on 01-24-2013 07:56 AM
2
25
2
25
All Blogs