RE: CW-SIM VS CISCO MARS

From: istong (istong@stong.org)
Date: Sun Jan 27 2008 - 11:44:30 ARST


The CW-SIMS product uses the netForensics v3.1 software and is more vendor
neutral in that you can load its agents on various devices including
non-Cisco devices. Don was on about that aspect. FYI the CW-SIMS has both native
agents and universal agents whereas CS-MARS doesn't use agents.

Supported products can be found in the tables listed at

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps5209/product_data_sheet09186a008017dcb6.html

It's similar to CS-MARS in that they both do event correlation, aggregation
and reporting. CS-MARS is an appliance-only solution.

CS-MARS accepts alerts and feeds from many products - but its built-in
parsers deal mostly with Cisco products and a handful of specific
security devices such as IDSs, firewalls and so on. There is the ability to
build custom parsers but you are limited to the fields built into the
database in terms of reporting on those customized parsers.

CS-MARS is an appliance-based product line and CW-SIMS is a software-based
product line. However, the two products have unique functions and
capabilities. Supposedly they are not competing products. A Cisco sales rep
is your friend - find one and grill them about it.

I can answer questions relating to CS-MARS as I've deployed that - but I
haven't had any hands-on with the CW-SIMS so I can only go by what the
manuals and whitepapers say regarding its capabilities.

Thanks,

Ian
www.ccie4u.com
Discounted Lab Scenarios and Rack Rentals

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Muhammad Nasim
Sent: Saturday, January 26, 2008 10:02 AM
To: Don Oxman
Cc: Cisco certification; Cisco certification
Subject: Re: CW-SIM VS CISCO MARS

Thanks Don,

By CW-SIMS I meant CiscoWorks Security Information Management Solution.
Further information can be found here.

http://www.cisco.com/en/US/products/sw/cscowork/ps5209/index.html

I want to compare both these offerings from CISCO.

On 26/01/2008, Don Oxman <don_mcse@hotmail.com> wrote:
>
> CW-SIMS is actually a product from netForensics (www.netforensics.com)
> known as nFX SIM One. It is not an appliance but software that needs to be
> installed on several servers depending on your deployment. Go to their
> website and read about what it can do. It's expensive. For example, our
> current installation will cost about $1,200,000 for monitoring 2000 devices.
>
> Cisco MARS is, in my opinion, very similar to the netForensics product.
> However, MARS is geared primarily towards Cisco products while nFX is truly
> non-vendor specific. I also think that MARS is less expensive. Again, hit
> the Cisco site and read more about it.
>
>
>
>
> ------------------------------
>
> > Date: Sat, 26 Jan 2008 11:54:56 +0300
> > From: muhammad.nasim@gmail.com
> > To: security@groupstudy.com; ccielab@groupstudy.com
> > Subject: CW-SIM VS CISCO MARS
> >
> > Dear All,
> >
> > I want to know the difference b/w Cisco Works Systems Information Management &
> > Cisco Mars?
> >
> > It seems to me that both are almost identical.
> >
> > A detailed explanation will be helpful.
> >
> > Thanks in advance
> >
> >
> > --
> > Muhammad Nasim
> > Network Engineer
> > Saudi Arabia
> >
>
>

-- 
Muhammad Nasim
Network Engineer
Saudi Arabia

