Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Solaris station instead of dedicated machine ?

In analogy with CallManager where it is possible to use a PC instead a dedicated machine , can I use a station with Solaris like a sensor ? If it is possible, which are the requirements and how can I install it ?

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Solaris station instead of dedicated machine ?

Not supported.

The initial cost for the software install on your pc may be cheaper initially, but when looking at long term maintenance costs the appliance is cheaper to maintain over the long run. You only have to pay one maintenance fee for the appliance (both hardware and software) where otherwise you might pay maintenance for the hardware, for the Operating System, and then for the IDS software. When you order an appliance you know it is going to work with the software, and usually have it up and running in 15 minutes or less. In a software only model it could take several days as you get the OS loaded and try to figure out which patches need to be loaded, then load the IDS software. Then you might find that you need more memmory, or the NIC you have is not supported with that IDS software, or you need a later BIOS to get better performance on the sensor. Then you have to spend the time to secure your OS so hackers can't access your sensor. Software only users spend alot of time just getting the underlying box up and running the way it needs to, and then the IDS software only vendor can wind up spending alot of support time to help them get it up and running.

So you pay a little more up front cost to get an appliance that has already been fully qualified by Cisco. The software comes up the first time. The OS is already patched and specially tuned for IDS performance. The OS has already been secured, and comes preloaded with the needed encryption protocols. Cisco provides updates for the both the unerdyling OS and drivers as well as the IDS software in combined packages, so you don't need to check every week for additional OS patches. So the extra cost for an appliance is for the time that you don't have to spend doing these things.

Then when you have a problem you call just Cisco TAC for support, while with a software only solution you might have to call IDS support who may have to refer you to Microsoft or Sun Support who may refer you to Dell Support who may refer you back to IDS support with no one being able to get your sensor up and running.

3 REPLIES
Cisco Employee

Re: Solaris station instead of dedicated machine ?

Cisco does not sell it's IDS Sensor product line as software only installations.

The IDS Sensor Product line is sold as hardware/software combinations.

You need to buy the IDS-4200 Sensor Appliance Series hardware which comes with the IDS Sensor Software for it.

The Cisco IDS Management software, however, is sold as software only which you install on your own machine. Each IDS management software product has different machine requirements documented in their product literature.

So you will need tp pruchase the Cisco IDS Sensor hardware/software, and then additionally purchase the Cisco IDS Management software (that you install on your own machines).

Community Member

Re: Solaris station instead of dedicated machine ?

I installed some sensors 4210 to the clients, but I want to use a PC in lab for tests. Sensor 4210 is an expensive machine, so a Solaris machine (with other applications) could be a cheaper solution.

Cisco Employee

Re: Solaris station instead of dedicated machine ?

Not supported.

The initial cost for the software install on your pc may be cheaper initially, but when looking at long term maintenance costs the appliance is cheaper to maintain over the long run. You only have to pay one maintenance fee for the appliance (both hardware and software) where otherwise you might pay maintenance for the hardware, for the Operating System, and then for the IDS software. When you order an appliance you know it is going to work with the software, and usually have it up and running in 15 minutes or less. In a software only model it could take several days as you get the OS loaded and try to figure out which patches need to be loaded, then load the IDS software. Then you might find that you need more memmory, or the NIC you have is not supported with that IDS software, or you need a later BIOS to get better performance on the sensor. Then you have to spend the time to secure your OS so hackers can't access your sensor. Software only users spend alot of time just getting the underlying box up and running the way it needs to, and then the IDS software only vendor can wind up spending alot of support time to help them get it up and running.

So you pay a little more up front cost to get an appliance that has already been fully qualified by Cisco. The software comes up the first time. The OS is already patched and specially tuned for IDS performance. The OS has already been secured, and comes preloaded with the needed encryption protocols. Cisco provides updates for the both the unerdyling OS and drivers as well as the IDS software in combined packages, so you don't need to check every week for additional OS patches. So the extra cost for an appliance is for the time that you don't have to spend doing these things.

Then when you have a problem you call just Cisco TAC for support, while with a software only solution you might have to call IDS support who may have to refer you to Microsoft or Sun Support who may refer you to Dell Support who may refer you back to IDS support with no one being able to get your sensor up and running.

91
Views
0
Helpful
3
Replies
CreatePlease to create content