IDS on PIX 506e

Dear Experts

We have the following commands on our PIX 506e FW

logging on
logging timestamp
logging trap informational
logging host inside 192.168.1.7
<snip>
ip audit info action alarm
ip audit attack action alarm

In order to check for Intrusion Detection, can anyone tell me what I should be looking for on the Kiwi Syslog server?

Thx
LVL 2
Dilan77Asked:
Who is Participating?
 
rsivanandanConnect With a Mentor Commented:
On the other hand if you want to look at normal firewall actions, this will help you get acquainted with PIX messages;

http://www.cisco.com/en/US/customer/products/sw/secursw/ps2120/products_system_message_guide_chapter09186a00800891ec.html#25608

Cheers,
Rajesh
0
 
rsivanandanCommented:
PIX 506E do not have IDS inbuilt into it. Can't do! Only higher end models.

Cheers,
Rajesh
0
 
Dilan77Author Commented:
That's weird....there is an IDS section on the PDM! It's set to log events.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
rsivanandanCommented:
Yeah, it is a Java Client and common for all, but this Model doesn't have it. If you go for Integrated devices (ASA 5xxx series), only those have IDS functionality.

Right now, Cisco has only 3 platforms for IDS/IPS;

1. IOS IPS -> On a router

2. Firewall IPS -> On ASA Series

3. IDS Appliance -> 4200 series appliances.

Cheers,
Rajesh
0
 
Dilan77Author Commented:
Ok, thanks Rajesh....
0
 
rsivanandanCommented:
No Problem.

Cheers,
Rajesh
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.