Solved

IDS on PIX 506e

Posted on 2006-10-26
6
299 Views
Last Modified: 2013-11-16
Dear Experts

We have the following commands on our PIX 506e FW

logging on
logging timestamp
logging trap informational
logging host inside 192.168.1.7
<snip>
ip audit info action alarm
ip audit attack action alarm

In order to check for Intrusion Detection, can anyone tell me what I should be looking for on the Kiwi Syslog server?

Thx
0
Comment
Question by:Dilan77
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17812115
PIX 506E do not have IDS inbuilt into it. Can't do! Only higher end models.

Cheers,
Rajesh
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 250 total points
ID: 17812133
On the other hand if you want to look at normal firewall actions, this will help you get acquainted with PIX messages;

http://www.cisco.com/en/US/customer/products/sw/secursw/ps2120/products_system_message_guide_chapter09186a00800891ec.html#25608

Cheers,
Rajesh
0
 
LVL 2

Author Comment

by:Dilan77
ID: 17812159
That's weird....there is an IDS section on the PDM! It's set to log events.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 32

Expert Comment

by:rsivanandan
ID: 17812215
Yeah, it is a Java Client and common for all, but this Model doesn't have it. If you go for Integrated devices (ASA 5xxx series), only those have IDS functionality.

Right now, Cisco has only 3 platforms for IDS/IPS;

1. IOS IPS -> On a router

2. Firewall IPS -> On ASA Series

3. IDS Appliance -> 4200 series appliances.

Cheers,
Rajesh
0
 
LVL 2

Author Comment

by:Dilan77
ID: 17812438
Ok, thanks Rajesh....
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17813204
No Problem.

Cheers,
Rajesh
0

Featured Post

Webinar June 1st - Attacking Ransomware  

The global cyberattack that corrupted hundreds of thousands of computer systems on May 12th had a face, name, & price tag that we’ve seen all too often in recent years: Ransomware. With the stakes – and costs – of a ransomware attack higher than ever, is your business prepared ?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Recovering ASA 5505 vpn config from flash card? 7 57
Which will last longer in a laptop, HDD or SSD? 18 126
types of VPN 2 51
Change "enable" password on Cisco Router 7 52
This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question