This is an interesting little tool.
For a long time now people have asked us what to use to manage IDS/IPS systems and how to report based on that information.

There are a few options available at the moment. Use Cisco MARS, Cisco Security Manager or develop your own app.
The number of monitoring apps with SDEE capability has traditionally been quite low. The ones available are very expensive.

Cisco releasing IPS manager express has made things a little more interesting for anybody managing 5 or less sensors.
This app will take event information from all 5, give you breakdowns on the attack type and allow you to report on them. It will also allow you to fully configure each sensors from one console.

There is a very strong chance that this app will be opened up to support more than 5 sensors in my opinion. At the moment however, it is free to download for anybody with IPS licenses!

This entry was posted on Sunday, May 4th, 2008 at 9:56 am and is filed under News, Software. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.