Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
407
Views
15
Helpful
2
Replies

IDS Configuration examples.

apriore685
Level 1
Level 1

‎04-11-2003 05:44 AM - edited ‎03-09-2019 02:52 AM

Hello

I am new to IDS. I am experienced with Cisco security, though I have never worked with and IDS system. I was wondering if Cisco had an Example Config page like they do for the PIX firewall. I would like to see some examples on how to set it up and where to place the command and control interface and monitoring interface. Also if someone has any good white papers on the IDS that would be greatly appreciated.

Thanks

Anthony

Labels:
0 Helpful
2 Replies 2

dbobeldyk
Level 1
Level 1

‎04-11-2003 06:14 AM

Take a look at the main product page for the 4200 Series Sensors:

IDS 4200 Series Products Page

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/index.html

White Paper on Cisco's Web Site:

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_white_paper09186a0080092334.shtml

Snort's web site also has some good IDS documentation as well.

http://www.snort.org/docs/

Hope this helps!

-Denny

dbarry
Level 1
Level 1

‎04-11-2003 07:01 AM

I second the motion. We too have new IDS 4210's. The docs are poor when it comes to explaining things.

Most things (like shunning) are inferred, not explained.

Most options in the configs are not explained nor documented - Like in Signature Configuration, what's the definitions of the 5 different EventActions? What do you specifically edit to make a Signature create a access-list block?

Heck, anybody have an example of the rule the sends a disconnect to anyone sending a email with the word "special" in the FROM address field?

0 Helpful
Customers Also Viewed These Support Documents