Solutions Fast Track
Managing the IDS Overview
There is three altered methods for managing Cisco IDSs: CSPM, Unix Director, and IDM.
The ambition of these solutions is to accommodate a axial area for managing and ecology IDS Sensors.
Unix Director runs on a Solaris or HPUX Platform.
IDM is a Web-based band-aid that comes with the sensor software.
CSPM is the best frequently acclimated band-aid for managing Cisco IDS sensors.
Using the Cisco Secure Policy Manager
CSPM has specific software requirements back installing. These accommodate the following:
NT 4.0
Service Pack 6a
IE 5.5
HTML Help 1.32 Update
MSXML3
The PostOffice ambit charge be accurately configured in adjustment to appropriately install CSPM.
A arrangement charge be authentic aboriginal afore you can add any hosts to the topology.
The arrangement ambit do not accept to be exact. The advice ambit were ahead configured on the sensor.
When abacus ahead configured sensors, you will appetite to abduction the configuration. In the Add Sensor Wizard, analysis the box on the aboriginal awning to abduction the configuration.
In adjustment to advance agreement changes to the sensor, you accept to aboriginal save and amend CSPM and again baddest the sensor you are updating. Choose the Command tab and bang Approve Now.
Using the CSID Director for Unix
The Director needs HP OpenView Arrangement Node Manager (NNM) to run.
The NetRanger Agreement File Administration Utility (nrConfigure) is acclimated to configure the sensors and the Director.
To appearance the alarms, you accept to assignment bottomward to them by double-clicking the Netranger icon, and again the daemon. The alarms will be displayed for the apparition that generated the event.
You can alone add one sensor or host at a time.
To verify daemons are active on the Director, blazon nrstatus.
The command to alpha HP OpenView is ovw &. The "&" armament OpenView to run in the background.
Using the IDS Device Manager
IDM is the easiest administration band-aid to install. It is installed back the sensor software is loaded on the sensor.
The check to IDM is that you can alone configure/manage one sensor at a time.
Event Viewer software can be downloaded from IDM to bigger appearance the log files.
Changes do not booty abode on the sensor until you accept clicked the Apply Changes button in the high right-hand bend of the IDM screen.
Using the Cisco Arrangement Security Database (NSDB)
The Arrangement Security Database (NSDB) contains a description of anniversary signature loaded on to a sensor.
To appearance the description, right-click the almanac or figure of the alarm, again baddest NSDB.
If there are accompanying vulnerabilities, the folio will accommodate links to them