Using Monitoring Center for Security 1.2
Securing Event Reception Between a Sensor and Security Monitor



This appendix describes how to use IPSec to secure the communication of events between a sensor running Cisco IDS 3.0 Sensor software and Security Monitor running on a Windows 2000 server. The Cisco IDS 3.0 Sensor software uses manual key management for IPSec; however, Windows 2000 does not support manual key management. To use IPSec to secure the communication of events between a sensor and Security Monitor, you must modify your network topology to include a router between the Security Monitor server and the sensor, as shown in Figure A-1.


Note   IDS MC uses Secure Shell (SSH) to communicate with sensors. Therefore, all configuration data is securely transferred to the sensors. For more information about SSH and IDS MC, see Using Management Center for IDS Sensors 1.0.


Figure A-1   Network Topology Using a Router to Enable IPSec



Caution   When you place the router between the Security Monitor server and the sensor, do not connect any other network devices to the router. These devices could sniff network traffic between the router and the sensor and breach the security of your network.

For information about configuring the router to use IPSec, see the "Configuring IPSec Network Security" chapter in the Cisco IOS Security Configuration Guide, available at the following link:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/fipsenc/scfipsec.htm
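
The router side of the topology described above, using a manually keyed crypto map on the sensor-facing interface. This is an added example, not taken from the Cisco guide; the addresses, ACL number, map and transform-set names, interface, SPIs and the choice of transform are assumptions and must be matched to the sensor's own IPSec settings.

```cisco
! Added example. All values below are constructed for illustration:
!   192.0.2.10     sensor
!   192.0.2.1      router interface on the dedicated sensor link
!   198.51.100.20  Security Monitor server (Windows 2000)

! Crypto ACL selecting traffic to protect. A manually keyed crypto map
! entry accepts only a single permit line.
access-list 110 permit ip host 198.51.100.20 host 192.0.2.10

! Transform set (assumed; use the algorithms configured on the sensor).
crypto ipsec transform-set IDS-EVENTS esp-des esp-sha-hmac

! ipsec-manual: no IKE, so SPIs and keys are entered by hand.
crypto map SENSOR-MAP 10 ipsec-manual
 set peer 192.0.2.10
 set transform-set IDS-EVENTS
 match address 110
 ! The router's inbound SPI and keys are the sensor's outbound values,
 ! and the reverse. Replace the <...> placeholders with hex keys sized
 ! for the chosen transform.
 set session-key inbound esp 1000 cipher <inbound-cipher-key> authenticator <inbound-auth-key>
 set session-key outbound esp 1001 cipher <outbound-cipher-key> authenticator <outbound-auth-key>

! Apply the map only on the link to the sensor. The Windows 2000 side
! has no manual-key IPSec, so the interface facing the Security Monitor
! server carries no crypto map.
interface FastEthernet0/1
 description Dedicated link to sensor
 ip address 192.0.2.1 255.255.255.0
 crypto map SENSOR-MAP
```

Manually keyed security associations do not expire and do not provide anti-replay protection, so change the keys on the router and the sensor together whenever they are rotated.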