Prime 2.0 and IPS

Hi Guys
Can I integrate my Cisco IPS with Cisco Prime 2.0, and how?
thanks

Not in any meaningful way.
If you have a Cisco IPS appliance (or IPS module in an ASA), it can be managed either via IPS Device Manager (IDM), IPS Manager Express (IME) or Cisco Security Manager (CSM).
Newer ASA CX modules with IPS service are managed via PRSM.
Of course Cisco Sourcefire IPS sensors are managed via Defense Center.

Similar Messages

  • Ask the Expert: Overview of Cisco Prime Service Catalog and Process Orchestrator Solutions

    Welcome to this Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about the Cisco Prime Service Catalog and Process Orchestrator solutions.
    Cisco expert Jason Davis will discuss Cisco’s network management products offered under the Cisco Prime framework. If you have questions about Cisco Prime infrastructure or data center automation with our Cisco Prime Service Catalog and Process Orchestrator solutions, join us on the Cisco Support Community.
    Jason Davis is a distinguished services engineer in the Intelligent Infrastructure Practice team of Cisco Advanced Services. His role is to provide strategic and tactical consulting for hundreds of Advanced Services customers, lead service innovation, and assess new services and technologies. Jason's primary expertise areas are in network management systems, intelligent automation, virtualization, data center operations, software-defined networking, and network programmability.
    Based out of the Research Triangle Park (RTP) campus, Jason is also responsible for administering the Research Triangle Park Network Management Lab, Cisco's largest network management lab.
    Since joining Cisco in 1998, Jason has been a frequent speaker at Cisco's Networkers and CiscoLive conferences in the United States and Europe. In the past five years he has also been involved in the conference network setup and monitoring. He is a much sought-after resource by the field sales teams to assist with presales solutions and executive briefings. He has provided strategic and tactical network management consulting for several hundred customers.
    Jason is a subject matter expert with the following products and features:
    Cisco Prime LAN management solution
    Cisco Prime infrastructure
    CiscoSecure ACS
    Cisco Prime Network Registrar
    Cisco Process Orchestrator
    Cisco Prime Service Catalog
    Cisco IP SLA
    Embedded Event Manager
    SNMPv3
    onePK and OpenFlow
    Cisco UCS
    Device instrumentation
    VMware ESX, ESXi, and vCenter
    ITIL
    Jason received his bachelor of science degree in electrical engineering from the University of Miami (FL). He has been married for 20 years and has 4 children. His interests include providing audiovisual technical support for churches and conference venues, camping and biking with his family, remote-control helicopter piloting, paintball, and recreational shooting.
    Remember to use the rating system to let Jason know if you have received an adequate response.
    Because of the volume expected during this event, Jason might not be able to answer every question. Remember that you can continue the conversation in Data Center > Intelligent Automation under the subcommunity Cisco Prime Service Catalog shortly after the event. This event lasts through September 12, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

    Hello Jason,
    Thank you very much for welcoming me to your expert discussion :) I feel I am in the right place, at the right time. Thank you also for answering questions beyond your scope here, much appreciated. The information received will help me to go further, and as such I have submitted a 5 star rating for your first reply.
    That sounds promising about the LMS part so yes, I stay tuned and wait patiently.
    OK, now let’s revert to the actual topic discussed here: Cisco Prime Service Catalog and Process Orchestrator solutions. I have briefly read up on this on CCO (where else :)) and picked out the following quote:
    ---- Quote from the Cisco Prime Service Catalog Data Sheet
     Today’s end users want self-service and easy access to IT tools and services.
    Simultaneously, organizations are seeking ways to extend their cloud management
    platforms beyond self-service delivery of virtual machines and infrastructure resources
    while increasing their use of cloud-based solutions to enhance business agility and effectiveness.
    Cisco Prime™ Service Catalog offers tremendous benefits to organizations that want to unify the ways in
    which all types of IT services are ordered and fulfilled, not just infrastructure requests
    ---- Unquote ----
    I am trying to understand what (at a high level, of course) happens in the background when an order is raised, and which vendor solutions your product can interact with.
    As mentioned in the quoted text, this service catalogue goes beyond the standard infrastructure.
    Let’s say a user wants to deploy a new email service or, in your example, extend or create a new web portal (i.e. for HR to view and manage holiday, staff absence and benefits).
    Your solution will need to interact somehow with the 3rd party vendor application that is capable of building such a portal, I believe.
    Without disclosing too much information, I assume the portal is linked to backend VMs that spin up requested resources (and more magic, of course). Perhaps I am mixing this up with another Cisco product where a user can go on the portal and virtual firewalls and virtual routers can be provisioned in no time.
    Out of interest: is this product also known as Mozart (project code within Cisco)?
    I hope this query is OK.
    Best wishes
    Markus

  • Prime 1.3 and WLC 7.6 Can I push guest accounts?

    Hi all
    My Customer needs to update the WLC to 7.6 (from 7.4) due to 3700 APs, but does not use the ac or other new features (yet).
    He has a Prime 1.3 update 4, where the guest accounts are created.
    Can he, after the WLC Upgrade  to 7.6.130.0 still see the WLC from Prime 1.3 and Push guest accounts to the WLC?
    The migration to PI 2.1 will be planned.
    Thanks
    Willem

    Cisco Prime 1.3 doesn't support 7.6; please check the compatibility matrix.
    Table 4 Cisco Prime Infrastructure and Cisco Wireless Release Compatibility Matrix
    Cisco Prime Infrastructure: Update 4 for 1.3.0.20, Update 1 for 1.3.0.20, 1.3.0.20
    Cisco WLC: 7.4.121.0, 7.4.110.0, 7.4.100.60, 7.4.100.0, 7.3.112.0, 7.3.101.0, 7.2.115.2, 7.2.111.3, 7.2.110.0, 7.2.103.0, 7.0.250.0, 7.0.240.0, 7.0.235.3, 7.0.235.0, 7.0.230.0, 7.1.91.0, 7.0.220.0, 7.0.116.0, 7.0.98.218, 7.0.98.0
    Cisco MSE: 7.4.121.0, 7.4.110.0, 7.4.100.0, 7.3.101.0, 7.2.110.0, 7.2.103.0, 7.0.240.0, 7.0.230.0, 7.0.220.0, 7.0.201.204, 7.0.112.0, 7.0.105.0
    ISE: 1.0, 1.1, 1.2
    Remarks: none listed

  • Ports and IPs to be open/permitted in firewall to download and work in creative cloud

    What is the complete list of ports and IP addresses to be open/permitted in our enterprise firewall in order to let internal PCs download and work with Creative Cloud applications?

    Our firewall only supports IP configuration (not URL). Do you have IP list?

  • Error HTTP Status 500 after installing DS Management Console and IPS Services on BI Enterprise Server

    The following error
    HTTP Status 500 - while trying to invoke the method java.util.Properties.entrySet() of an object loaded from local variable 'globalProperties'
    occurred after installing DS Management Console and IPS Services on BI Enterprise Server
    BI Enterprise Edition 4.1 SP1 and BODS 4.1 SP1

    Hi,
    If you can't see the login screen of the CMC then it's a problem of webapps and not EIM services.
    Try cleaning the Tomcat cache for the BOE webapps and let Tomcat re-cache it. Often it does the job.
    - Stop Tomcat
    - Rename the BOE folder to BOE-OLD in C:\Program Files (x86)\SAP BusinessObjects\tomcat\work\Catalina\localhost\
    - Start Tomcat
    When the Tomcat process in task manager is done working (it can take 10-20 min+) then try again.
    When you're done, you can delete the BOE-OLD folder.
    Let me know!

  • Prime Fulfillment 6 AND LMS 4.2 on single Solaris 10 server?

    Is it possible to easily operate both Prime Fulfillment 6 AND LMS 4 on single Solaris 10 server?

    They were not tested together, and I recommend they not be installed on the same zone instance (due to potential conflicts).  Now, if you're certain you have a server that can accommodate both suites (in terms of resources), create separate zones for each suite.  This will eliminate the conflict possibility while still giving you one overall physical machine to manage.

  • Trend micro and IPS

    Hello,
    I want to buy an ASA5510 + SSM for my lan.
    The goal is :
    - Make URL filtering/blocking within work hours
    - Deny some application like IM, P2P, web radio, during work hours.
    Trend Micro is good for the first thing: URL filtering by categories.
    But it is not good for blocking IM, ... (it only checks port 80 HTTP).
    So, is it possible on an ASA to have Trend Micro and IPS working on the same appliance?
    If not, what is the solution?
    Thx

    Hi.
    You can only install one module into the ASA, so yes, you can't have both the CSC and the SSM module in the same ASA 5510.
    However, the ASA does support URL filtering via Websense or Secure Computing SmartFilter (formerly N2H2). So if you have any of those servers, you can configure the ASA to do the URL filtering, and install the SSM IPS module into the ASA to do the IM blocking.
    More info on ASA web traffic filtering:
    http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/access_filter.html#wp1069318
    Regards,
    Fadi.
    if this answers your question please mark the thread as resolved.

  • Setting DNS TTL to 0 for specific DNS names and IPs

    A company we do business with has a service we are trying to contact over the internet. They have requested that we set the TTL for their DNS and IPs on a specific port to 0. I'm having a hard time understanding what they are asking for. I thought that DNS TTL is generally set by the registrar. And can you even have a TTL on an IP address? That doesn't make any sense to me. They are asking for screenshots of nslookups of 3 IPs on port 1443 and they want to see the TTL set to 0. How would I do that on SBS2011/Server2008r2?
    Obviously I only want this on the 3 IPs and the DNS name; I don't want to set the whole DNS infrastructure to a TTL of 0.

    Sounds screwy to me!
    Robert Pearman SBS MVP

  • Catalyst 6500 and IPS

    I have a Catalyst 6500 switch on my network and I know it supports an IDS module. What I am not sure about is an IPS.
    Could somebody who knows be kind enough to tell me if there is support for IPS in the Catalyst 6500 switch?

    The IDSM-2 module is capable of both IDS (promiscuous mode) AND IPS (inline mode).
    So if you need IPS (inline mode) you still just buy the same IDSM-2 but configure it for InLine Interface Pair or InLine Vlan Pair mode instead of configuring for Promiscuous mode.

  • Placing IDS and IPS

    Hi,
    Kindly brief about placement of NIDS in a bank network scenario and IPS placement also...

    You didn't get an answer because the question is too vague. I think that banks have different requirements depending on their size. As I recall, there can be different regulatory bodies involved (OTS vs OCC) based on size.
    I would say at a minimum you should have IDS/IPS at all perimeter points. A bank should probably also have some sort of IDS/IPS protecting servers (Network and/or Host based).
    You might take a peek here for some more high-level info:
    http://www.ffiec.gov/ffiecinfobase/html_pages/it_01.html

  • IDS and IPS ?

    Hi
    I was previously using a 4215 IDS in my network.
    My question is: what is the basic difference between IDS and IPS? Why would I use IPS in place of IDS, and what are the key points and benefits?
    Thanks
    biplob

    Hi,
    Here are the definitions from IPS 5.1 guide.
    Understanding Promiscuous Mode (IDS)
    In promiscuous mode, packets do not flow through the sensor. The sensor analyzes a copy of the monitored traffic rather than the actual forwarded packet. The advantage of operating in promiscuous mode is that the sensor does not affect the packet flow with the forwarded traffic. The disadvantage of operating in promiscuous mode, however, is the sensor cannot stop malicious traffic from reaching its intended target for certain types of attacks, such as atomic attacks (single-packet attacks). The response actions implemented by promiscuous sensor devices are post-event responses and often require assistance from other networking devices, for example, routers and firewalls, to respond to an attack. While such response actions can prevent some classes of attacks, in atomic attacks the single packet has the chance of reaching the target system before the promiscuous-based sensor can apply an ACL modification on a managed device (such as a firewall, switch, or router).
    Understanding Inline Interface Mode (IPS)
    Operating in inline interface mode puts the IPS directly into the traffic flow and affects packet-forwarding rates making them slower by adding latency. This allows the sensor to stop attacks by dropping malicious traffic before it reaches the intended target, thus providing a protective service. Not only is the inline device processing information on layers 3 and 4, but it is also analyzing the contents and payload of the packets for more sophisticated embedded attacks (layers 3 to 7). This deeper analysis lets the system identify and stop and/or block attacks that would normally pass through a traditional firewall device.
    In inline interface mode, a packet comes in through the first interface of the pair on the sensor and out the second interface of the pair. The packet is sent to the second interface of the pair unless that packet is being denied or modified by a signature.
    http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a008055df7d.html#wp1033759
    Hope this helps.
    Edward
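
The difference the guide describes for atomic (single-packet) attacks can be shown with a small model. This is an added example, not part of the original post or of Cisco's documentation; the `EVIL` byte pattern, the addresses, the timings and the `response_delay` parameter are all constructed assumptions standing in for a real signature, real traffic and the time a managed device needs to apply an ACL change.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    t: float        # arrival time in seconds
    src: str        # source address (documentation ranges only)
    payload: bytes

SIGNATURE = b"EVIL"  # constructed stand-in for an IPS signature

def matches(pkt):
    return SIGNATURE in pkt.payload

def promiscuous(packets, response_delay):
    """IDS: the sensor inspects a copy, so the original is already forwarded.
    The only response is a post-event block (ACL) on another device, which
    takes effect response_delay seconds after the first detection."""
    block_effective = {}  # src -> time at which the ACL starts dropping
    delivered = []
    for pkt in sorted(packets, key=lambda p: p.t):
        eff = block_effective.get(pkt.src)
        if eff is not None and pkt.t >= eff:
            continue  # dropped by the managed firewall/router/switch
        delivered.append(pkt)  # reaches the target regardless of the verdict
        if matches(pkt) and pkt.src not in block_effective:
            block_effective[pkt.src] = pkt.t + response_delay
    return delivered

def inline(packets):
    """IPS: the packet enters one interface of the pair and leaves the other
    only if no signature denies it."""
    return [p for p in sorted(packets, key=lambda p: p.t) if not matches(p)]

def malicious_delivered(delivered):
    return sum(1 for p in delivered if matches(p))

# Constructed sample traffic: one atomic attack, one multi-packet attack,
# and two benign requests.
TRAFFIC = [
    Packet(0.0, "198.51.100.7", b"EVIL single-packet"),
    Packet(0.5, "192.0.2.10", b"GET / HTTP/1.1"),
    Packet(1.0, "203.0.113.9", b"EVIL part 1"),
    Packet(1.1, "203.0.113.9", b"EVIL part 2"),
    Packet(1.2, "203.0.113.9", b"EVIL part 3"),
    Packet(1.5, "192.0.2.10", b"GET /index HTTP/1.1"),
    Packet(1.6, "203.0.113.9", b"EVIL part 4"),
    Packet(2.0, "203.0.113.9", b"EVIL part 5"),
]

if __name__ == "__main__":
    for name, out in (("promiscuous", promiscuous(TRAFFIC, 0.5)),
                      ("inline", inline(TRAFFIC))):
        print(name, "delivered:", len(out),
              "malicious delivered:", malicious_delivered(out))
```

Even with `response_delay` set to 0, the promiscuous model still delivers the first matching packet from each source, which is why a single-packet attack cannot be stopped in that mode.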

  • IDS and IPS Hardware Information

    Hi,
    Can anybody give me detailed information on all the possible hardware that has been used for IDS and IPS technologies to date?

    Cisco 830, 1700, 1800, 2600, 2800, 3700, 3800, and 7200 Series Routers are supported by IPS.

  • WS-X6848-SFP module are supported with LMS Prime 4.1 and 4.2

    Hi,
    I would like to know if WS-X6848-SFP modules are supported with LMS Prime 4.1 and 4.2.
    Thanks for your help,
    SILVIA

    It looks like they just added the WS-X6848-TX variant with the latest C6000IOS CiscoView package update (Version 37, dated 31 July 2012 - readme)
    I'd expect the -SFP variant should be in the next update.
    You should open a TAC case to make sure that it's brought to the attention of the dev team if they aren't already working on it. One of the tenets of Cisco Prime LMS is "Day 1 support" of new devices.

  • Difference between MARS LMS and IPS

    I am trying to understand the difference between MARS, LMS and IPS and why you would use one over the other.
    Thank you all.

    MARS is an appliance that aggregates/deduplicates syslog and NetFlow data from routers, switches, firewalls, and IPS sensors. In addition to Cisco devices it also supports things like Checkpoint firewalls, Snort IPS, etc.
    LMS (CiscoWorks LMS) is primarily a device configuration and IOS management platform that runs on your own Windows server (not sure if Unix is still supported). We use it to maintain the configs of hundreds of Cisco routers and switches, easily push out config changes to said devices, and mass-deploy IOS upgrades.
    IPS is sort of like anti-virus "on the wire" - it runs on dedicated IPS sensors, plug-in modules on firewalls or 6500's, and on routers via IOS IPS. Events can be forwarded to MARS for correlation, etc.
    You didn't ask, but CSM (Cisco Security Manager) is the more appropriate tool for mass-configuration and 'group policy' for firewalls and IPS sensors.
    Each product solves a particular problem; you wouldn't choose one over the other since they all work together to provide a cohesive solution. The specifics of your environment (particularly the number and type of devices) would dictate your choices here.

  • ASA NG 5515-X multicontext support for WSE/AVC and IPS

    Hello,
    I am designing network security with Cisco ASAs. I have redundant core / distribution switching in VSS and 2 ASAs (Active / Standby), and I am trying to evaluate whether I could run multiple security services on one pair of ASAs in virtual contexts rather than deploying more ASAs. I need to run a DMZ, so that could go in one virtual context. Then I need to run WSE, AVC and possibly IPS to protect internal users' LANs and also deploy web and application security; here I am not sure if that is supported in a virtual context and with an active/standby setup. Apart from that, I need to protect the servers with FW rules and IPS; here too it is a dilemma whether this will work in a virtual context and active / standby setup.
    What would you recommend: having a separate pair of ASAs for each security service, or could I do all that with one pair of ASAs and a multi-context setup?
    Thanks in advance for quick and informative responses.
    Remi

    OK cool. What is the purpose of the explicit context awareness in PRSM? Is it there but still not supported?
    The only concern I have is about the DMZ on the same ASA pair. I guess it should be fine because I would not send any DMZ traffic to the CX module (where it would get mixed up with users' or servers' traffic), and since the DMZ would be on a separate virtual context the security would be maintained. Also, the DMZ will be kept on a separate VRF and I will need to do VRF leaking from the DMZ inside VLAN into the servers VLAN in the services VRF.
    How about sending both users' (for WSE and AVC) and servers' (for IPS) traffic into the same CX module? Would that work fine?
    Thanks in advance,
    Remi
