Q. What is CiscoWorks Management Center for IPS Sensors?
A. CiscoWorks Management Center for IPS Sensors is a powerful scalable tool for configuring network intrusion prevention system (IPS) sensors, switch IPS, and IPS network modules for routers. The CiscoWorks Management Center for IPS Sensors 2.1 is a component of the CiscoWorks VPN/Security Management Solution (VMS) 2.3. It is not sold separately.
Q. Will CiscoWorks for Management Centor for IPS Sensors work with network intrusion detection (IDS) sensors?
A. Yes. CiscoWorks Management center for IPS Sensors will still manage IDS 4.x sensors as well as IPS 5.0 sensors. Management center for IPS Sensors has dropped support for network intrusion detection (IDS) 3.x sensors. Management center for IPS Sensors no longer manages IDS 3.x sensors.
Q. Must I transition to IPS 5.0 in order to use IPS 5.0 related features offered by Management center for IPS Sensors?
A. Yes.
Q. What is the relationship with Cisco IPS Device Manager (IDM)?
A. Cisco IDM is a Web-based configuration tool for network IPS appliances. It is shipped at no additional cost with IPS sensor code. Cisco IDM implements a Web-based GUI that is similar to the CiscoWorks Management Center for IPS Sensors software. For additional scalability, customers may consider the CiscoWorks Management Center for IPS Sensors software.
Q. Who should buy CiscoWorks VMS?
A. CiscoWorks VMS, which includes the CiscoWorks Management Center for IPS Sensors, should be used for large deployments in enterprises. In addition to IPS management, CiscoWorks VMS includes tools to manage devices in the SAFE Blueprint from Cisco architecture; including Cisco PIX® firewalls, Cisco security agents, and VPNs on Cisco IOS® routers. Customers who want configurations for one to three sensors should consider the Cisco IDM, which is suitable for small implementations or trials.
Q. What are the new features in CiscoWorks Management Center for IPS Sensors 2.1?
A. CiscoWorks Management Center for IPS Sensors 2.1 has the following new features:
• Additional support for Cisco IPS Sensor Software versions 5.0
• Support for IPS signature management on Cisco routers and IPS sensors
• Significantly reduced deployment times
• An inventory report that lists all the sensors in the network in one easy-to-find place
• Identity of Platforms and Interfaces
• Limiting Inline Functionality
• Ability to configure Deny Attacker Action, SNMP Trap Action, Deny Packet Action, Deny Flow Action, Action without Alarm, Action based on Conditions, and Bypass Utility
• Display and Configure IPS Meta-Event Generator
• New Risk Rating for IPS-The risk scaling algorithm is at the heart of increasing the confidence level of the analysis and allows the user to control the "paranoia" level at which they choose to take actions
• Inline IPS Configuration and Operation Mode allows users to configure a device in promiscuous or inline mode
• Subscription License Management-Display of subscription licensing statistics, License expiration messages, License state, Serial Number, License Key Updates, and Automatically Obtain/Check License Key
• Health and Configuration Information-Health and Welfare Status to include: Sensing Mode, Bypass Mode, Bypass State, Interface Statistics, Interface Statistics, Virtual Sensor Statistics, Subsystem Failure Status, Uptime, Memory Utilization, Sensor Up/Down, and Statistic Collection Timestamp
• Custom signature wizard
Q. What operating systems are supported?
A. CiscoWorks Management Center for IPS Sensors 2.1 software is available for Windows 2000 and Solaris 8.
Q. Is inline intrusion prevention supported?
A. CiscoWorks Management Center for IPS Sensors 2.1 supports inline intrusion prevention on Cisco Intrusion Prevention System sensors 42XX, Cisco 1700, 2600, and 7200 series routers, Cisco 3725 and 3745 multiservice access routers, and the Cisco 2691 Multiservice Platform running Cisco IOS Software Release 12.3(8)T4 and later with inline IPS support.
Q. Is real-time status information available when a configuration is deployed or when a signature update is performed?
A. CiscoWorks Management Center for IPS Sensors 2.1 now supports a real-time progress bar for configuration deployments and signature updates.
Q. Are automatic downloads of new signatures supported?
A. CiscoWorks Management Center for IPS Sensors 2.1 supports the ability to automatically download new signatures from the Cisco Website, including the ability to deploy them to all IPS sensors in the network on an automatic or scheduled basis.
Q. Is role-based access control supported?
A. CiscoWorks Management Center for IPS Sensors 2.1 integrates with Cisco ACS for device-level role-based access control.
Q. How can I tell what IPS sensors are in my network?
A. CiscoWorks Management Center for IPS Sensors 2.1 has an inventory report that lists all the sensors in the network in one easy-to-find place.
FOR MORE INFORMATION
For more information about the CiscoWorks Management Center for IPS Sensors, visit http://www.cisco.com/go/vms, contact your local account representative, or send e-mail to ciscoworks@cisco.com.
