the sensor cannot do this. The sensor will only accept syslog messages from routers that it is using for shunning. Why dont you configure the pix to notify the director? you must be using pix 6.0 or higher.
You are correct that the Pix did not port the Postoffice protocol when they implemented IDS on the Pix.
So you would have to rely on the syslog messages generated by the Pix.
CSPM is able to receive both the alarms generated by the IDS sensors and the syslog messages from the Pix.
They are not viewed in the same windows nor appear in the same reports, so you will have to look at both the syslog reports from the Pix and the IDS alarms. I believe that there might already be initiaives to correlate the data from the two message types in a future product, but I don't know any details
If using the Unix Director then you will have to rely on a third package for viewing the syslog data for the Pix.
You could look for syslog analyzers that are not security specific or you can purchase NetForensics which is able to receive alarms from the IDS sensors as well as the syslog messages from the Pix. I believe that it supposed to be able to coordinate data from the IDS sensor alarms in the syslog messages wiht some type of links, but I have not tried it myself. I would reccomend contacting NetForensics directly if that interests you: www.netforensics.com
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...