Intrusion Detection System Solution

Cisco IDS Active Update Bulletin #119

http://www.cisco.com/go/ids
June 10, 2004

Greetings! This bulletin describes updates to the Cisco IDS product line. As always, please feel free to message us directly if you have any comments or questions (ids-news@cisco.com). We also encourage you to participate in the Cisco IDS User's Forum at http://www.cisco.com/discuss/security.

1. Announcing the S96 Signature Update for Cisco IDS Version 4.1

2. New Critical Patch Update Available for IDS MC

3. Important URL Changes

4. Did you know?

5. Subscription Information

=====================

1. Cisco Signature S96 for Cisco IDS 4.1(3)

The S96 signature update contains the following new signatures:

SIGID    SIGNAME                                SEVERITY  ENABLED
3234.0   IE Local Trusted Resources Execution   High      Yes
3736.0   Subversion Get-Dated-rev Overflow      High      Yes
5411.0   Linksys HTTP DoS                       High      Yes

The S96 signature update contains the following modified signatures:

SIGID    SIGNAME                       SEVERITY  ENABLED  DDTS
3735.0   CVS Flag Insertion Overflow   High      Yes      CSCee77020

NOTE: All signature updates are cumulative. The S96 signature update contains all previously released signature updates.

The IDS-sig-4.1-3-S96.rpm.pkg signature update can be applied to version 4.1 sensors as follows:

You can only apply this signature update to IDS-42xx Cisco Intrusion Detection System (IDS)
sensors, the WS-SVC-IDSM2 series Intrusion Detection System Module (IDSM2), and the
NM-CIDS Intrusion Detection System Network Module.

It is not compatible with the NRS-xx series Intrusion Detection System (IDS) sensors or the
WS-X6381-IDS series Intrusion Detection System Module (IDSM).

IDS 4.1(3)S96 Sensor Software Update Files:
The files for the 4.1(3)S96 signature update can be downloaded from:

http://www.cisco.com/pcgi-bin/tablebuild.pl/ids4

NOTE: You must have a SMARTnet maintenance contract number to request
software upgrades from Cisco.com.

IDS MC Update

The IDS MC update and readme files can be downloaded at the following URL. Refer to the readme file for installation instructions.

http://www.cisco.com/pcgi-bin/tablebuild.pl/mgmt-ctr-ids-ids4updates


IEV Update

You can download the IEV signature update file IEV-sig-4.1-1-S96.exe and readme from the following website:

http://www.cisco.com/pcgi-bin/tablebuild.pl/ids-ev

2. New Critical Patch Update Available for IDS MC


Patch CSCee60913 is now available in the Cisco.com Software Center at the following URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/mgmt-ctr-ids-app

The file name is idsmdc1.2.3-win-CSCee609131.tar.

The patch resolves a bug reported in CSCee60913 with the headline "4 IDS MC processes do not start after windows logoff & logon".

As reported in CSCee60913, the following four IDS processes do not start after Windows logoff and logon: IDS_DeployDaemon, IDS_ReportScheduler, IDS-Backup and IDS_DbAdminAnalyzer. To work around this problem, you can start these four processes manually, but Cisco Systems recommends that you download and install the patch.

To obtain more information about known bugs, access the Cisco Software Bug Toolkit at:

http://www.cisco.com/pcgi-bin/Support/Bugtool/home.pl

3. Important URL Changes

The following changes have been made to the Intrusion Detection download pages on CCO.

At the IDS Sensor Software site (please log in to Cisco.com before viewing this content):

http://www.cisco.com/public/sw-center/ciscosecure/ids/crypto/

At the IDS MC site:

http://www.cisco.com/pcgi-bin/tablebuild.pl/mgmt-ctr-ids

Version 4.x Signature Updates are being posted to a new location on CCO. The new links are: "Latest Signature Update / (Archives)"

Effective June 2, 2004, all new signature updates will be posted to these new locations.

The new locations were created to help expedite the download of signature update files, which are not strong cryptographic images.

4. Did you know?

The Cisco IDS Network Module for the Cisco 2600XM, 3660, and 3700 series routers is a router-integrated line card that delivers up to 45 Mbps of full-featured intrusion protection. Additionally, through collaboration with IPsec VPN and Generic Routing Encapsulation (GRE) traffic, this module can allow decryption, tunnel termination and traffic inspection at the first point of entry into the network. The NM-CIDS can be managed via CLI, IDM (IDS Device Manager), or VMS. The price of the NM-CIDS module has been reduced from $4,995 to $2,995.

Price: $2,995
P/N: NM-CIDS-K9
Related Link:

http://www.cisco.com/en/US/products/hw/modules/ps2797/products_data_sheet09186a008017dc22.html

For more information please contact the IDS Product Team at ids-news@cisco.com

5. Subscription Information

We'd like to know what you think about this bulletin. We're also interested in what you'd like to see
in future editions. Please take a moment to send us your comments.

If you wish to receive this bulletin, you can subscribe now.