MARS has been generally well received by my clients. There is some up front work that needs to be done, like the adding of devices to the MARS appliance, configuring Cisco devices to send their syslogs to it, and the opening up of holes in firewalls and ACLs so that SNMP can pass through. You need to establish early on that the appliance will not initially discover their network on its own!
Though with that said, once everything is set up the dashboard is a very useful feature.
My biggest problem is with clients who want to simulate an attack on a live network to see how well MARS works. Go ahead and do it in a lab environment but restrain your clients from attacking themselves and breaking something by mistake.
A few items I know Cisco is working on:
1. Password rotation is an issue
2. Support for CDP
3. Layer 3 mitigation via a push
4. Sizing the of the MARS appliance to fit the needs of the customer is an evolving process.
I agree 100% with being able to move devices in the topology map. Though I will leave it to better minds than mine as to how this could be accomplished.
As for backing up the config, if you make a seed file for your devices this is a kind of backup. The entering of devices into the MARS box is the most time-intensive part of getting the box up and running.
maybe this is possible through the backup. i dont need the seed file as long as i get my devices back to a new mars appliance. at the moment we are evaluating a borrowed box. so if we get our own, i don't want zu add all devices by hand again.
If you have cisco works or some other software that can export a seed file you can then import that file into MARS. If you don't have an NMS app available you can create the seed file in CSV then import it. The fields needed are in the manual I belive.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :