PIX IDS Monitoring

Discussion in 'Cisco' started by Mark, May 18, 2004.

  1. Mark

    Mark Guest

    Ok, im sure this question has been asked before but I cant find a solid
    response.
    I have been given the task of setting up IDS on two PIX 501s. The IDS
    configuration is done but now I just have to come up with a solutions for
    monitoring it. Has anyone seen a product that can monitor the PIX and create
    reports on a daily/weekly basis and alarms on attacks? I basically want
    something that will just sit there and watch the SNMP messages for me and
    only send me a code red message if there is an alarm but still keep track of
    all other denies for reference.

    Thank you in advanced!

    Mark
    Mark, May 18, 2004
    #1
    1. Advertising

  2. Mark

    mh Guest

    You might want to start with Cisco PDM Device Manager (PDM) IDS graphing

    Suggest to upgrade to latest PIX software and PDM software.
    mh, May 18, 2004
    #2
    1. Advertising

  3. basically ehat you want is a kiwi syslog that recieves all your syslogs and
    then you make rules for notification/alerts.
    Also you can look at rnrsoft's report gen for PIX along with the kiwisyslogd

    http://www.kiwisyslog.com/software_downloads.htm
    http://www.reportgen.com/downloads.htm

    HTH
    Martin Bilgrav

    PS IDS logging generates alot on fx ICMP
    Not all are alerts, but just info


    "Mark" <1@1.1> wrote in message news:...
    > Ok, im sure this question has been asked before but I cant find a solid
    > response.
    > I have been given the task of setting up IDS on two PIX 501s. The IDS
    > configuration is done but now I just have to come up with a solutions for
    > monitoring it. Has anyone seen a product that can monitor the PIX and

    create
    > reports on a daily/weekly basis and alarms on attacks? I basically want
    > something that will just sit there and watch the SNMP messages for me and
    > only send me a code red message if there is an alarm but still keep track

    of
    > all other denies for reference.
    >
    > Thank you in advanced!
    >
    > Mark
    >
    >
    Martin Bilgrav, May 18, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Deepu
    Replies:
    1
    Views:
    1,684
    Chris Thomas
    Jul 15, 2003
  2. Brian Bergin

    IDS policy on PIX

    Brian Bergin, Nov 27, 2003, in forum: Cisco
    Replies:
    5
    Views:
    2,927
    John Doe
    Nov 30, 2003
  3. Erwin Lopez

    How to test PIX IDS

    Erwin Lopez, Jun 25, 2004, in forum: Cisco
    Replies:
    2
    Views:
    1,393
    Peter Van Epp
    Jun 25, 2004
  4. d.h. barrick

    IDS monitoring

    d.h. barrick, Nov 5, 2004, in forum: Cisco
    Replies:
    0
    Views:
    432
    d.h. barrick
    Nov 5, 2004
  5. Gary
    Replies:
    0
    Views:
    401
Loading...

Share This Page