After a costly network upgrade, the two Cisco NetRanger (IDS-4230) sensors have yet to be deployed - mainly due to lack of knowledge about them. (Suddenly, snort is seeming a lot more straight forward, simple, attractive, etc...compared to the Cisco gear - I keep getting conflicting info and I am getting confused about what really needs to be done to set them up). Anyway, its been made my task and I realize that I am going to probably need training. Before that, I want to get more familiar with them and play with them on a test network.
Think of it like this - I am familiar with the concept of IDS, and I have two sensors and I know where I ultimately want to put them. However, I know nothing about the Cisco product and I have no idea where to begin. Any advice you can give starting from that point is most appreciated. However, the more specific things I want to know relate to the director - does it need to be setup first? Is the sensor any good without the director? [Why doesn't Cisco just sell a director appliance - it says on the software that the Director needs either HP-UX or Solaris (two OS's that we don't use).] What is the best thing to do in terms of the director and managing the IDS sensors? Are we really going to need to budget a server to get the IDS in place? The sensors look like a rack mount server - complete with floppy, CD-ROM and expansion slots. Do you really need to hook up anything other than power and ethernet? Do you manage them like any other Cisco device through Telnet, or do you control them with the director? Finally, what is the means of updating these things? Thanks a lot - any helpful words you can give about the Cisco IDS is appreciated. Erik _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
