Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Policy Manager or Netranger?

What is the main difference between the Policy Manager, and the Netranger software? I don't know whether or not it's called Netranger, but I'm sure you smart fellas know what I'm talking about. We are currently looking to upgrade or Netranger software, but are curious to know if we should or should not look into the Policy Manager.. Will the policy manager do what netranger does? Lemme know lemme know..

Thanks much

Cisco Employee

Re: Policy Manager or Netranger?

NetRanger was the the name for the IDS product developed by Wheelgroup.

Wheelgroup was purchased by Cisco, and the IDS product name remained as NetRanger

for at least the first year.

Then Cisco went through a series of renaming products and the NetRanger product was

renamed to Cisco Secure IDS.

The part numbers changed from NRS-E, and NRS-FE to IDS-4220, and IDS-4230.

The NetRanger/Cisco Secure IDS product line included the Appliances as well the Unix Director Software. (The IDS Module for the Cat 6K (IDSM) was also added over a year ago)

At around the same time the Configuration and Alarm viewing functionality was being added to another Cisco product, the Cisco Secure Polivy Manager (CSPM).

CSPM was orignally developed and designed to configure Firewalls and routers.

With version 2.1 of CSPM I believe, it could configure the IDS-42xx appliances, and IDSM.

The end user functionality is similar to that available in the Unix Director.

They do it in different ways in some cases (for example Unix Director relies on HP OpenView for alarm viewing, while CSPM has a spreadsheet like viewer for alarms).

Some functionality is only available in one and not the other.

So today users have a choice of either using the Unix Director or CSPM to configure their sensors and view the alarms. They would have to evaluate each and determine which method they prefer, and determine if one product has functionality they need which may not be availble in the other product.

So if today you are using the Unix Director and are happy with the functionality it provides then you can feel free to continue using it (just be sure to upgrade it to the latest version 2.2.3 with Sig17 if you haven't yet). Or you can ask a Cisco rep to let you evaluate CSPM and determine if you would like to switch to CSPM.

CSPM is sold in 2 methods that I am aware of.

One is a limited license purchase, and will not be upgradeable to the next stage of IDS management tools.

The other purchase method would be to purchase it as part if the VMS (VPN/Security Management System) Bundle of products. It has CSPM v2.3.1i (latest) for IDS management, as well as CSPM v3.0f for Fireall management, as well as tools for managing Host based IDS, and VPN concentrators. If you purchase the VMS bundle with software support then you would be upgradeable to the next stage of IDS management tools.

For where CIsco is going in the future with IDS management and alarm viewing tools you would need to contact a Cisco representative as such details are not provided on this Forum.