What is the main difference between the Policy Manager, and the Netranger software? I don't know whether or not it's called Netranger, but I'm sure you smart fellas know what I'm talking about. We are currently looking to upgrade or Netranger software, but are curious to know if we should or should not look into the Policy Manager.. Will the policy manager do what netranger does? Lemme know lemme know..
NetRanger was the the name for the IDS product developed by Wheelgroup.
Wheelgroup was purchased by Cisco, and the IDS product name remained as NetRanger
for at least the first year.
Then Cisco went through a series of renaming products and the NetRanger product was
renamed to Cisco Secure IDS.
The part numbers changed from NRS-E, and NRS-FE to IDS-4220, and IDS-4230.
The NetRanger/Cisco Secure IDS product line included the Appliances as well the Unix Director Software. (The IDS Module for the Cat 6K (IDSM) was also added over a year ago)
At around the same time the Configuration and Alarm viewing functionality was being added to another Cisco product, the Cisco Secure Polivy Manager (CSPM).
CSPM was orignally developed and designed to configure Firewalls and routers.
With version 2.1 of CSPM I believe, it could configure the IDS-42xx appliances, and IDSM.
The end user functionality is similar to that available in the Unix Director.
They do it in different ways in some cases (for example Unix Director relies on HP OpenView for alarm viewing, while CSPM has a spreadsheet like viewer for alarms).
Some functionality is only available in one and not the other.
So today users have a choice of either using the Unix Director or CSPM to configure their sensors and view the alarms. They would have to evaluate each and determine which method they prefer, and determine if one product has functionality they need which may not be availble in the other product.
So if today you are using the Unix Director and are happy with the functionality it provides then you can feel free to continue using it (just be sure to upgrade it to the latest version 2.2.3 with Sig17 if you haven't yet). Or you can ask a Cisco rep to let you evaluate CSPM and determine if you would like to switch to CSPM.
CSPM is sold in 2 methods that I am aware of.
One is a limited license purchase, and will not be upgradeable to the next stage of IDS management tools.
The other purchase method would be to purchase it as part if the VMS (VPN/Security Management System) Bundle of products. It has CSPM v2.3.1i (latest) for IDS management, as well as CSPM v3.0f for Fireall management, as well as tools for managing Host based IDS, and VPN concentrators. If you purchase the VMS bundle with software support then you would be upgradeable to the next stage of IDS management tools.
For where CIsco is going in the future with IDS management and alarm viewing tools you would need to contact a Cisco representative as such details are not provided on this Forum.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...