I have not upgraded my sensors yet to the new IDS 3.1(2)S(23), which if I understand this right is the preferred version instead of the S(22). Can someone there give me an overview of this along with the Event Viewer and how this affects the Unix Director. Can I disgarde the Director and just use the Event Viewer? Could I use the Event Viewer to configure and monitor my sensors from my Win 2k workstation etc?
There are many improvements that have been made in 3.1(2) not only from the management and alarm viewing standpoint, but from sensor performance as well so I highly recommend that you apply the service pack.
That said you can use the event viewer and IDM as a replacement for the Unix director if your deployment is 1-3 sensors. They are meant to address these small deployment scenarios and provide an economical and efficient means of deploying our IDS solution. IDM and IEV do not scale well beyond that type of deployment. You are not required to use them however. You can disable IDM through sysconfig sensor and never deploy IEV and continue to manage your sensors as you always have if this is your desire, while still enjoying the other enhancements and refinements to the product that are in the service pack.
Hopefully this answers your question, but if not let me know and I'll try to clarify anything that is still cloudy.
If you are managing more than 3 sensors then you should continue to use CSPM v2.3.3i.
You could use IDM or CSPM for configuration. IDM only does one sensor at a time while CSPM can do multiple and share configs between sensors. You will want to use CSPM for Event Viewing since IEV has a 3 sensor limitation.
The new IDM and IEV are not geared for replacing the current enterprise level management software. The new IDM and IEV are geared towards the small business with only 1,2 or 3 sensors.
If you only manage 1,2 or 3 sensors then you could switch over to IEV and IDM or stay with CSPM.
If you aren't going to use IDM then you can disable it through sysconfig-sensor.
You will still want to upgrade to 3.1(2) because of performance enhancements and bug fixes in packetd, and all new signature releases will be based off the 3.1(2) train.
As for future versions of the enterprise level management you will need to contact your Cisco Representative as product roadmaps aren't discussed on the Forum.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :