I believe the 1st Pix version to support IDS was 5.2(1) according to the Pix Release Notes.
All later version of the Pix should support IDS.
In Pix 6.0 there is support for interoperability with IDS sensors. IDS sensors are now able to connect to the Pix and change the Pix configuration to block ip addresses using a new "shun" command on the Pix.
As for updating signatures. You can configure the signatures using the ip audit command.
As for new signatures: The signatures are hard coded in the Pix source code and users can not add their own custom signatures. New signatures would have to be included as part of a new Pix software version.
I would suggest either calling the TAC to request that more signatures be added to the Pix IDS feature, or begin a discussion on the Pix Net Pro Forum. The IDS Net Pro Forum is primarily monitored by developers of the IDS-42xx applliances and the WS-x6381-IDS Module for the Cat 6000. To get the attention of the Pix developers I would recommend posting on the Firewall forum.
thanks for you reply...btw have you ever configured VPN + NAT using cspm 232f ? I've never been successful to configure this ? I won't work VPN+NAT...How can I solve this problem... or CSPM is not intended for configuring VPN with NAT. Because I can configure VPN+NAT using CLI..
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...