I work on most of Cisco IDS devices. At the beginning, when the ids was just new, you could only operate it from the Director which need as u know HP open view and Unix machine which was not easy compared with other IDS. Then Cisco came out with the CSPM 2.3 which in my opinion was really a headache. It was operating over NT. And you won't believe how many times it crashes and I have to reinstall it without any reson. Now, I guess Cisco IDS is getting more stable. If you buy the IDS alone , you can operate it fully without the need to have special software since it has a web interface which in my opinion are really very good. It s web interface. Also the new IDS managmenet console that comes bundled with the CiscoWorks VPN/Security Management Solution (VMS) 2.1. It is really good and operate on Windows 2000 and stable. People who works on the CSPM 2.3, I think they will thank God that now they have this. I guess Cisco IDS is getting more and more stable and more productive. This is what I think.
Regards, Anan Beshara CCIE 7791 ""Priscilla Oppenheimer"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Someone told me in an authoritative voice today that Cisco doesn't recommend > their IDS. They recommend Snort. Is this really true? Isn't Cisco's IDS a > big part of SAFE? > > Of course, the person who said this doesn't understand that Cisco is a huge, > chaotic organism, and that saying Cisco does something based on what one > person does, doesn't make sense. > > But I'm just curious, what do you all recommend for intrusion detection? How > do Snort and Cisco IDS compare? I guess Cisco's solution is a bit more > complicated, requiring appliances or IDS cards in a switch and a console: > > Cisco Secure IDS Director-HP OpenView Network Node Manager "plug-in" that > runs on UNIX (Solaris and HP-UX) > > Cisco Secure Policy Manager (v2.2+)-Windows NT-based package > > Thanks. > > Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62943&t=62939 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
