PIXes and routers capable of running IDS run a very limited version of IDS.
I believe they only catch 59 signatures, which isn't very much.  It's not bad
for a small company that has a PIX that would like to start down the path of
having a true IDS some day.

I'm not sure what you mean about Snort being recognized by the PIX.  I would
guess that you mean shunning which the PIX does not support regardless of
whether you use Snort or a Cisco IDS solution.  Only the routers support
shunning.

I personally use Snort for my small-medium clients since it's free, has a
large install base, and can run on multiple platforms.  If I have a client
that is an all-Windows shop I can put it on Win2k.  If they are pro-Unix, I
can put it on Linux or even Solaris.  There is a lot more flexibility than
some of the other IDS solutions for a lot less money.

I doubt that I would desire an MS solution even if they did come out with
one.  I don't trust Bill when it comes to security.


"Brian Zeitz" wrote in message
news:[EMAIL PROTECTED]...
> I read that the 2600 router (or definitely higher model routers) have
> IDS built in, but if you bought any Pix Firewall it wouldn't have IDS.
> Am I mistaken on this? So most people who want IDS who cannot afford
> / justify (just yet) an IDS box are using Snort? I have a pix 515UR,
> and if I read correctly, it has the capabilities to interface to an IDS
> box, but it is not an IDS box itself. Also, if I use Snort as an IDS,
> will the pix be able to recognize it? Maybe Microsoft will come out with
> a tool of this nature, which is free (not really free, but included with
> OS) like some of the built in components in 2000.
>
>
>
> If I have some misinformation here, I have not read my 1000 page IDS
> book as of yet, but I am working on MCNS.
>
>
>
> I found a document that will allow me to install Snort on Windows 2000,
> that is my current plan for implementing IDS. Can anyone give me the
> pros and cons of Snort Vs. Cisco IDS system? What other alternatives
> should I be looking at. My company does not really need an IDS as of
> yet, but I am doing this just for fun and for learning about
> security/IDS.
>
>
>
> Hope my pro-Microsoft attitude is OK in the group. I like working on
> routers and security, and don't spend a lot of time tweaking around with
> Operating Systems.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46641&t=46639
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
