Ditto what Swap M said.
thanks swap for clearing this up.
the trick is >>> IP has "no support for inline pair, inline vlan pair"
On Tue, Jun 22, 2010 at 1:50 AM, swap m <ccie19804_at_gmail.com> wrote:
> hi Gaurav -
>
> my comments are given inline -
>
> 1) How is Cisco IPS AIM and IPS NME for Cisco 1841 and Cisco 2800,
> 2900, 3800 and 3900 Series ISRs different from standard Cisco 4200
> series sensor
> Swap>> there are few differences like -
> 1. only one sensing interface, with no separate alternate TCP reset
> interface
> 2. no support for inline pair, inline vlan pair
> 3. few cosmetic differences like traffic to be inspected has to be
> setup from inside the parent device (asa, router)
> 4. no separate console
>
>
> 2) Does the NME / AIM also support the GUI for config / management
> Swap>> Yes, once IP addr is configured from CLI, u can use the
> GUI...very similar gui to 4200 sensor
>
> 3) Through ISR IOS session can we login into this NME and get the same
> Linux env as we get in standard sensors ,, ( much like nme-16es-1g-p
> series which simulate Cisco 3750 switch )
> Swap>> Yes, the AIM will give u same linux environment..u can console
> into the ips modules from the parent device and do the initial IP
> address setup etc..
>
> I am not asking these ques from deployment pt of view ..( i know
> performance etc will vary ) .. I am asking from labbing and learning
> point fo view .
>
> Any other points to be taken in mind for IPS to start of with ; please
> pour in .....
> Swap>> in case u dont have an IPS 4200 box, look for IPS vmware image
> on the net, u can run full featured 4200 sensor with v5 code via
> vmware
>
> u shud put security related questions in the groupstudy's security
> forum for better participation..
>
> Cheers
> Swap
> #19804 x2
>
>
> On Mon, Jun 21, 2010 at 6:57 PM, Sadiq Yakasai <sadiqtanko_at_gmail.com>
> wrote:
> > Gaurav,
> >
> > I am not sure what Frog meant, but IOS IPS is definitely on the
> blueprint.
> > The IPS 4200 appliance is also on the blueprint. The ASA IPS module is
> not
> > on it though! The use of the GUI, aka IDM or IPS Manager Express, is also
> > part of the blueprint.
> >
> > Although you can pretty much configure the IPS using the CLI, the use of
> the
> > GUI simplifies things so much.
> >
> > Hope that clears up the air somewhat.
> >
> > Sadiq
> >
> >
> > On Mon, Jun 21, 2010 at 1:35 PM, GAURAV MADAN <gauravmadan1177_at_gmail.com
> >wrote:
> >
> >> Thnx for reply Frog .
> >>
> >> May I know the reason for the same .. IOS IPS is not a part of lab ?
> >> Small office / Branch offices are using this I suppose ..
> >>
> >> Also ; what abt IDM .. used in lab ?
> >>
> >> Thnx
> >> Gaurav Madan
> >> CCIE # 23863
> >>
> >> On Mon, Jun 21, 2010 at 4:22 PM, Radioactive Frog <pbhatkoti_at_gmail.com>
> >> wrote:
> >> > I'm assuming you're preparing for CCIE security lab ;)
> >> > Avoid using IOS/IPS but appliance 42xx.
> >> >
> >> > I'm using 424x
> >> >
> >> > On Mon, Jun 21, 2010 at 6:39 PM, GAURAV MADAN <
> gauravmadan1177_at_gmail.com
> >> >
> >> > wrote:
> >> >>
> >> >> 2nd try ..
> >> >> Can someone please answer this .
> >> >>
> >> >> What I am trying to figure out is how IOS IPS and actual Cisco IPS
> >> >> series differ ( again not in terms of performance ) ..
> >> >>
> >> >> What are you generally using for your studies ?
> >> >>
> >> >> How often are you using IDM ?
> >> >>
> >> >> Thnx
> >> >> Gaurav MAdan
> >> >> CCIE # 23863
> >> >>
> >> >>
> >> >> ---------- Forwarded message ----------
> >> >> From: GAURAV MADAN <gauravmadan1177_at_gmail.com>
> >> >> Date: Sat, Jun 19, 2010 at 1:33 PM
> >> >> Subject: Newbee to Sec : IPS ques
> >> >> To: Cisco certification <ccielab_at_groupstudy.com>
> >> >>
> >> >>
> >> >> Hi
> >> >>
> >> >> I am a beginner in Security area and have following ques in IPS area
> :
> >> >>
> >> >> 1) How is Cisco IPS AIM and IPS NME for Cisco 1841 and Cisco 2800,
> >> >> 2900, 3800 and 3900 Series ISRs different from standard Cisco 4200
> >> >> series sensor
> >> >>
> >> >> 2) Does the NME / AIM also support the GUI for config / management
> >> >>
> >> >> 3) Through ISR IOS session can we login into this NME and get the
> same
> >> >> Linux env as we get in standard sensors ,, ( much like nme-16es-1g-p
> >> >> series which simulate Cisco 3750 switch )
> >> >>
> >> >> I am not asking these ques from deployment pt of view ..( i know
> >> >> performance etc will vary ) .. I am asking from labbing and learning
> >> >> point fo view .
> >> >>
> >> >> Any other points to be taken in mind for IPS to start of with ;
> please
> >> >> pour in .....
> >> >>
> >> >>
> >> >> Thnx
> >> >> Gaurav Madan
> >> >> CCIE # 23863
> >> >>
> >> >>
> >> >> Blogs and organic groups at http://www.ccie.net
> >> >>
> >> >>
> _______________________________________________________________________
> >> >> Subscription information may be found at:
> >> >> http://www.groupstudy.com/list/CCIELab.html
> >>
> >>
> >> Blogs and organic groups at http://www.ccie.net
> >>
> >> _______________________________________________________________________
> >> Subscription information may be found at:
> >> http://www.groupstudy.com/list/CCIELab.html
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >
> >
> > --
> > CCIE #19963
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Jun 22 2010 - 22:17:47 ART
This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 09:11:38 ART