hi Gaurav -
my comments are given inline -
1) How is Cisco IPS AIM and IPS NME for Cisco 1841 and Cisco 2800,
2900, 3800 and 3900 Series ISRs different from standard Cisco 4200
series sensor
Swap>> there are few differences like -
1. only one sensing interface, with no separate alternate TCP reset interface
2. no support for inline pair, inline vlan pair
3. few cosmetic differences like traffic to be inspected has to be
setup from inside the parent device (asa, router)
4. no separate console
2) Does the NME / AIM also support the GUI for config / management
Swap>> Yes, once IP addr is configured from CLI, u can use the
GUI...very similar gui to 4200 sensor
3) Through ISR IOS session can we login into this NME and get the same
Linux env as we get in standard sensors ,, ( much like nme-16es-1g-p
series which simulate Cisco 3750 switch )
Swap>> Yes, the AIM will give u same linux environment..u can console
into the ips modules from the parent device and do the initial IP
address setup etc..
I am not asking these ques from deployment pt of view ..( i know
performance etc will vary ) .. I am asking from labbing and learning
point fo view .
Any other points to be taken in mind for IPS to start of with ; please
pour in .....
Swap>> in case u dont have an IPS 4200 box, look for IPS vmware image
on the net, u can run full featured 4200 sensor with v5 code via
vmware
u shud put security related questions in the groupstudy's security
forum for better participation..
Cheers
Swap
#19804 x2
On Mon, Jun 21, 2010 at 6:57 PM, Sadiq Yakasai <sadiqtanko_at_gmail.com> wrote:
> Gaurav,
>
> I am not sure what Frog meant, but IOS IPS is definitely on the blueprint.
> The IPS 4200 appliance is also on the blueprint. The ASA IPS module is not
> on it though! The use of the GUI, aka IDM or IPS Manager Express, is also
> part of the blueprint.
>
> Although you can pretty much configure the IPS using the CLI, the use of the
> GUI simplifies things so much.
>
> Hope that clears up the air somewhat.
>
> Sadiq
>
>
> On Mon, Jun 21, 2010 at 1:35 PM, GAURAV MADAN <gauravmadan1177_at_gmail.com>wrote:
>
>> Thnx for reply Frog .
>>
>> May I know the reason for the same .. IOS IPS is not a part of lab ?
>> Small office / Branch offices are using this I suppose ..
>>
>> Also ; what abt IDM .. used in lab ?
>>
>> Thnx
>> Gaurav Madan
>> CCIE # 23863
>>
>> On Mon, Jun 21, 2010 at 4:22 PM, Radioactive Frog <pbhatkoti_at_gmail.com>
>> wrote:
>> > I'm assuming you're preparing for CCIE security lab ;)
>> > Avoid using IOS/IPS but appliance 42xx.
>> >
>> > I'm using 424x
>> >
>> > On Mon, Jun 21, 2010 at 6:39 PM, GAURAV MADAN <gauravmadan1177_at_gmail.com
>> >
>> > wrote:
>> >>
>> >> 2nd try ..
>> >> Can someone please answer this .
>> >>
>> >> What I am trying to figure out is how IOS IPS and actual Cisco IPS
>> >> series differ ( again not in terms of performance ) ..
>> >>
>> >> What are you generally using for your studies ?
>> >>
>> >> How often are you using IDM ?
>> >>
>> >> Thnx
>> >> Gaurav MAdan
>> >> CCIE # 23863
>> >>
>> >>
>> >> ---------- Forwarded message ----------
>> >> From: GAURAV MADAN <gauravmadan1177_at_gmail.com>
>> >> Date: Sat, Jun 19, 2010 at 1:33 PM
>> >> Subject: Newbee to Sec : IPS ques
>> >> To: Cisco certification <ccielab_at_groupstudy.com>
>> >>
>> >>
>> >> Hi
>> >>
>> >> I am a beginner in Security area and have following ques in IPS area :
>> >>
>> >> 1) How is Cisco IPS AIM and IPS NME for Cisco 1841 and Cisco 2800,
>> >> 2900, 3800 and 3900 Series ISRs different from standard Cisco 4200
>> >> series sensor
>> >>
>> >> 2) Does the NME / AIM also support the GUI for config / management
>> >>
>> >> 3) Through ISR IOS session can we login into this NME and get the same
>> >> Linux env as we get in standard sensors ,, ( much like nme-16es-1g-p
>> >> series which simulate Cisco 3750 switch )
>> >>
>> >> I am not asking these ques from deployment pt of view ..( i know
>> >> performance etc will vary ) .. I am asking from labbing and learning
>> >> point fo view .
>> >>
>> >> Any other points to be taken in mind for IPS to start of with ; please
>> >> pour in .....
>> >>
>> >>
>> >> Thnx
>> >> Gaurav Madan
>> >> CCIE # 23863
>> >>
>> >>
>> >> Blogs and organic groups at http://www.ccie.net
>> >>
>> >> _______________________________________________________________________
>> >> Subscription information may be found at:
>> >> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> CCIE #19963
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Mon Jun 21 2010 - 19:50:40 ART
This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 09:11:37 ART