RE: IDS CISCO alarm

["Gary Halleen (ghalleen)" <ghalleen () cisco com>]

Julio,

With IDS 4.1 code, the Cisco IDS only communicates directly with the
monitoring console (either Cisco's IDS Event Viewer, or Security Monitor, or
to any of a variety of third-party vendor products, like Arcsight, Protego,
netForensics, etc).  The monitoring consoles have the ability of either
forwarding events or executing a script based on the events.

With IPS 5.0 code (currently in beta), the sensor can send SNMP traps in
addition to the above.

Gary
 

-----Original Message-----
From: Julio Crespo [mailto:jcrespo () sigfe cl] 
Sent: Wednesday, January 05, 2005 1:41 PM
To: focus-ids () securityfocus com
Subject: IDS CISCO alarm

Hi, someone knows if is configurable for send alarms the IDS CISCO ?

I have looked for by all the site of Cisco without obtaining no reference

 

As it is possible that a IDS does not have form to alarm? it is necessary 

to be patch to log that it gives product IDS Event Viewer?

 

Thanks a lot.

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------