We are using Cisco Secure IDS 3.*, is upgrading it to version 4.*, We would like to see if Cisco Secure IDS can detect Instant Messager Usage and third-party web email usage, is it possible? And how? Do we need to have custom signatures, or Cisco already have.
These signatures fire on a client login attempt via their default TCP ports. The only usuage information you can obtain from these signatures is the number of login attempts detected.
Custom signatures will have to be developed to detect your third-party web email connections.
If I understand your request, determing usage of a product is out of the scope for CSIDS. However, using the above signatures and creating your own for web e-amil will give you some insight in the number of connections detected by CSIDS.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...