OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Moore, Carl, Mr., PEC-ARNG (Carl.Moorepec.ngb.army.mil)
Date: Mon May 20 2002 - 13:52:00 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
    majordomoiss.net Contact issforum-owneriss.net for help with any problems!
    ----------------------------------------------------------------------------

    ALCON,
    I am currently running both the RealSecure sensors and the Cisco IDSM
    modules on my 6500s. This solution gives you the best of both worlds. What
    one system doesn't catch, the other one does. When you find a signature that
    is firing off on one and not the other, you write a custom signature. Due to
    equipment limitations, I run RealSecure sensors on the outside of my
    firewalls, on my DMZ's, and on my server vlan. I have three IDSM's covering
    the other vlans. The server vlan ends up getting double coverage. I am also
    running about 50 vlans and have never oversubscribed my IDSM's, but
    sometimes the RealSecure sensors miss traffic. I don't have any of the Cisco
    IDS appliances yet but I plan on purchasing a couple of 4210's later this
    year. If you get the 4230, it can handle multiple vlans. This is just like
    running McAfee and Norton on the same network. If you can afford them it
    doesn't make sense not to have them both.

    Carl W. Moore
    Network Engineer
    National Guard Professional Education Center

    -----Original Message-----
    From: sixty seven [mailto:ssixtyhotmail.com]
    Sent: Monday, May 20, 2002 10:48 AM
    To: issforumiss.net
    Subject: Cisco IDS + RS IDS

    TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
    majordomoiss.net Contact issforum-owneriss.net for help with any
    problems!
    ----------------------------------------------------------------------------

    All,

    Due to problems with switched LANs and VLANs, we are considering a Hybrid
    solution with ISS Real Secure and Cisco 6500 based Cisco Secure Poloicy
    Manager for IDS. Has anybody tried this b4.
    The network in Q? has more than 50 VLANs with Cisco 2900, 3500 and 5500
    upward of 600 in total. Spanning seems a bit unrealistic.
    Any Ideas? GURUs out there!

    _________________________________________________________________
    Send and receive Hotmail on your mobile device: http://mobile.msn.com