Well, i think .... SDEE is the protocol here that will play the keyrole. IPS wont push , but actually STRM and NSM must pull it up through the protoocol . There should be compatiblity for such since JUNIPER is big company and CISCO will be taking care of such important aspect of events .. alerts, logging already in advance , being an enterprise and sp security solution provider.
hope that h3lps. Kamran Shakil | CCIE 28832-Sec | Sr. Security Engineer | MDS Oman LLC | [email protected] | Office +968 24576666 | Mobile +968 95804126 -----Original Message----- From: [email protected] on behalf of Piotr Matusiak Sent: Fri 7/1/2011 12:23 AM To: ccie2b wannabccie Cc: [email protected] Subject: Re: [OSL | CCIE_Security] IPS/IDS cisco question ??? Cisco: IEV, CSM, MARS Others: Splunk, SDEE-collector Collectors use SDEE as a pull method for events gathering. Search for those which supports SDEE. Regards, Piotr 2011/6/30 ccie2b wannabccie <[email protected]> If i 've ips/ids cisco appliance, can i send logging to a server (windows/linux or anyother machine) ...from cisco ips/ids box! plz confirm. if not then how can i have central management of ips events / messages..... idm is local only and ime is limited to 5xips units.. i have a 3rd party tool for central managment and want IPS to send logs and events to it ? plz experts...comments..needed. for possible solution. _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
