05-31-2003 08:09 AM - edited 02-20-2020 10:46 PM
I was wandering if there is available any IDS Event viewer (preferably a free one) that can be used for monitoring the alarms triggered on a Pix firewall and cisco router.
I.e. Can the IEV be used? If yes, what do I need to configure on the Firewall and Router?
Is there any other software for configuring (using GUI and not CLI) the alarms and signiture triggering?
Regards.
05-31-2003 08:48 AM
Hi,
The IDS appliance and the PIX firewall each has a free management software on it. The IDS has an additional piece of software that is called the Event Viewer. This will receive the alarms and display them.
But I guess, in your case, you are looking for implementing IDS feature on PIX and the router.
Both the router and PIX IDS implementation can send send the events to a syslog server.
Hope this helps.
Thanks,
yatin
05-31-2003 03:22 PM
Another good method for monitoring and alarming is to use a syslog demon (Kiwi syslog is very good) and filter on %4000 events - In the PIX error codes, these are defined as the IDS events.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide