Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
472
Views
0
Helpful
1
Replies

New to IDS

s-ariga
Level 1
Level 1

‎11-23-2001 10:31 PM - edited ‎03-08-2019 09:15 PM

Hi,

I am new to IDS .

Have installed a IDS 4230 netranger to my network .one port is management port .and 1 on promiscous mode which is connected to a switch(3512).I have the IDS director software installed on HP machine.I think i have installed the director and the sensor software right .IDS ,also packetd,loogerd..etc are visible in the nnm screen at the ids director .

I am unable to see any logs though.not even a single activity going on.

Should the port in the 3512 switch be configured to any particular mode or am I missing anything else...please guide.

Thanks

shiva

Labels:
0 Helpful
1 Reply 1

danrodri
Cisco Employee
Cisco Employee

‎11-25-2001 11:35 AM

The switch port needs to be designated as the "SPAN/monitor" port. SPAN the traffic you want analyzed to this port. The IDS monitoring port will not see any traffic otherwise.

0 Helpful
Customers Also Viewed These Support Documents