[Urgent] Repost - Cisco IDS

Discussion in 'Cisco' started by Jean-Michel Kaiser, Dec 29, 2004.

  1. Hello,

    I reword my question. What from Cisco Systems competes to:

    Internet Security System Proventia G models? (www.iss.net/proventia)

    or Netscreen IDP

    www.juniper.net/solutions/security/work/intrusion_prevention.html

    Those are Intrusion Prevention Systems, not only IDS like Cisco 4210 or
    bigger, ISS RealSecure on Nokia, ISS Proventia A models.

    Since I haven't found anything on www.cisco.com and because it is simply
    hard to believe Cisco Systems does not supply IPS solutions, I am pretty
    sure I've missed something.

    Please provide, please point me to URL

    Many thanks,

    JMi
     
    Jean-Michel Kaiser, Dec 29, 2004
    #1
    1. Advertisements

  2. :Internet Security System Proventia G models? (www.iss.net/proventia)
    :eek:r Netscreen IDP
    :www.juniper.net/solutions/security/work/intrusion_prevention.html

    I wouldn't normally answer this question, as I am not particularily
    familiar with Cisco's IDS related lines, but seeing as you marked
    it as 'Urgent'...


    :Those are Intrusion Prevention Systems, not only IDS like Cisco 4210 or
    :bigger, ISS RealSecure on Nokia, ISS Proventia A models.

    :Since I haven't found anything on www.cisco.com and because it is simply
    :hard to believe Cisco Systems does not supply IPS solutions, I am pretty
    :sure I've missed something.

    I have never heard of Cisco offering anything referred to as
    an "Intrusion Prevention System". They use different market-speak.

    See here for information on "self-defending networks",
    http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns413/networking_solutions_package.html

    In particular, Cisco is proceeding along the lines of their 'SAFE'
    architecture,

    http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns128/networking_solutions_package.html
     
    Walter Roberson, Dec 29, 2004
    #2
    1. Advertisements

  3. Jean-Michel Kaiser

    Rik Bain Guest

    Starting with 12.3(8)T cisco changed the IOS IDS functionality and name.
    It is now called IPS. As far as the product you mentioned, I cannot
    think of any other device that will detect and block other than the IOS
    router or pix, which are not as robust as the stand alone sensors.

    The sensors (which appear to carry the IPS tag as well; search cisco.com
    for ips) will, AFAIK, still only monitor traffic and either send TCP RST
    or modify ACE's on routers/send shun commands to pix.

    HTH,

    Rik Bain
     
    Rik Bain, Dec 29, 2004
    #3
  4. Jean-Michel Kaiser

    Wil Schultz Guest

    If I recall correctly the NetRanger line, the Linux version (not the Sun
    version), integrates with the PIX to create dynamic ACL's to shun known
    sig's


    Wil
    my 3ยข

    "When everything seems to be going well, you have obviously overlooked
    something."


    <snip>
     
    Wil Schultz, Dec 30, 2004
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.