IDS mailing list archives
RE: CISCOs new IPS
From: "Billy Dodson" <billy () pmicromart com>
Date: Fri, 7 Jan 2005 14:27:17 -0600
The product I was referring to is the Cisco IOS IPS http://www.cisco.com/warp/public/732/Tech/security/intrusion/ I was not aware of a hardware appliance...but should have known they would have one....Cisco makes everything an appliance. -----Original Message----- From: Krystian Antoni [mailto:krystianantoni () gmail com] Sent: Friday, January 07, 2005 1:10 AM To: Billy Dodson Cc: loloinfo () free fr; focus-ids () securityfocus com Subject: Re: CISCOs new IPS can u tell me OS version of the cisco IPS you talking about? my dealer said that Cisco IPS composes of a Cisco IDS(alternatily called an IPS) v.5 OS which is not yet available. Currently Cisco IPS works on v.4.1.4 IDS OS which is in every Cisco IDS (ex 4235), but when v.5 will become available it will be replaced for free on IPS boxes. Hence true IPS function is not yet available. On Thu, 6 Jan 2005 14:18:10 -0600, Billy Dodson <billy () pmicromart com> wrote:
The cisco IPS is not quite what I thought it was going to be. The IPS is intended for use at branch offices or remote users where you would not normally spring for a fire-walling device. The IPS is nothing
more
then a IOS router with IOS firewall and the IDS engine. The IPS is
just
software that runs on a cisco router. It can use around 740
signatures
from the cisco IDS to run its "prevention". It basically turns your router into a small IDS/firewall. It will be able to create access lists or shuns on the fly. The same as a current cisco IDS works in conjunction with an IOS router or PIX firewall. This device is not intended to be the first line of defense within the network. The cisco IPS is not replacing the cisco IDS. The cisco IDS is still
a
good product and can be used as a prevention device when used in conjunction with a router or firewall. You can configure the sensor
to
send commands to the router or firewall to Shun the connection or
create
an access list on a router. -----Original Message----- From: loloinfo () free fr [mailto:loloinfo () free fr] Sent: Monday, January 03, 2005 5:52 AM To: Christoph Pertl (tm011081) Cc: focus-ids () securityfocus com Subject: Re: CISCOs new IPS is it CSA ?????????????? Selon "Christoph Pertl (tm011081)" <tm011081 () fh-stpoelten ac at>:Hi, I'm right now in the middle of a Project with the goal to implement
an
IPSin an existing infrastructure. One of our possible Partners offers
us
thenew IPS Product from Cisco. Does anyone of you now something about this machine or at least
about
theolder IDS-Box because I think the Inspection Engine will be the
same?
Any Information about how well it performs in a real environment
would
begreat Christoph
------------------------------------------------------------------------
--Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks
from
CORE IMPACT. Go tohttp://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708to learn more.
------------------------------------------------------------------------
--
------------------------------------------------------------------------
-- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
--
------------------------------------------------------------------------ --
Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------ --
-------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- Re: CISCOs new IPS loloinfo (Jan 05)
- <Possible follow-ups>
- RE: CISCOs new IPS Billy Dodson (Jan 06)
- Re: CISCOs new IPS ADT (Jan 08)
- Re: CISCOs new IPS Krystian Antoni (Jan 08)
- RE: CISCOs new IPS Gary Halleen (ghalleen) (Jan 10)
- RE: CISCOs new IPS Billy Dodson (Jan 08)
- RE: CISCOs new IPS Scruggs Stephen D SSgt AFWA/SCHS (Jan 12)