Cisco IPS 6.1 and IME Released

Cisco IPS Sensor Software 6.1 and the new Cisco IPS Manager Express software have been released. Thanks to Joe Harris` Blog for this.

IPS Sensor Software 6.1 now includes auto-update direct from Cisco.com, great about time!

And the free IPS Manager Express is a very welcome feature, that also includes many video trainings built-in, on how to use the product.

See a sample of screen shots below, if you manage under 5 sensors, i definitely recommend you take a look.

IPS Sensor Updates

Managing Upto 5 Sensors


Event Monitoring/Deny Attacker


IPS Policy/Risk Rating

Video Training

New Components of the Cisco Self Defending Network

Joe Harris, on the 6200networks blog, has some great info on the next phase of the Cisco Self-Defending Network strategy.

One new component that caught my eye, is the Cisco IPS Manager Express (IME), a brand new all-in one application for IPS provisioning, monitorin and reporting, for upto 5 sensors.

You can find the data sheet HERE.

WAAS Mobile Released

I noticed from the Cisco Networkers 2008 Blog, that WAAS Mobile was released.


You can find the VIDEO datasheet HERE, and also the product datasheet HERE.

EOL/EOS for the Cisco IDS 4215 Sensor

Not being content enough with the EOL for the Cisco PIX, Cisco have now announced the end-of-sale and end-of life dates for the Cisco IDS 4215 Sensor!

The EOL notice can be found here.

"Customers with the Cisco IDS 4215 Sensor are encouraged to migrate to the Cisco ASA 5510 Adaptive Security Appliance Intrusion Prevention System (IPS) solution with Advanced Inspection and Prevention Security Services Module AIP-SSM-10. The Cisco ASA 5510 IPS solution with AIP-SSM-10 provides a higher IPS throughput of 150 Mbps plus industry-leading firewall protection. Customers with higher performance requirements can purchase the Cisco IPS 4240 Sensor or the Cisco ASA 5520 IPS solution with AIP-SSM-20. Supporting throughput of 250 Mbps, the Cisco IPS 4240 Sensor supports inline, promiscuous, and hybrid deployment modes. The Cisco ASA 5520 IPS solution with AIP-SSM-20 provides IPS throughput of 375 Mbps in addition to industry-leading firewall protection."

EOL for Cisco PIX!

Well its been coming for ages, but Cisco have finally announced the EOL for the Cisco PIX.

The EOL and EOS Notices can be found HERE, but basically all models, 501,506,515E,525,535 are now effectively End of Life, along with the software versions 6.3, 7.0, 7.2 and 8.0!

"Cisco PIX Security Appliance customers are encouraged to migrate to Cisco ASA 5500 Series Adaptive Security Appliances. In addition to providing more firewall capabilities and the same IPsec VPN capabilities as Cisco PIX Security Appliances running version 8.0 software, the Cisco ASA 5500 Series offers significantly better performance and scalability, SSL VPN support, advanced Unified Communications (voice/video) security, and a modular design that allows customers to add features such as intrusion prevention (IPS), antivirus, antispam, antiphishing, URL filtering, and more. Migration to the Cisco ASA 5500 Series is straightforward, as consistent management and monitoring interfaces are provided, allowing customers to take advantage of their knowledge and investment in Cisco PIX Security Appliances."

ASA 5580

The press release states.."Cisco today announced the availability of the Cisco ASA 5580 Series Adaptive Security Appliances, the company's highest-performing security appliance offering. The new Cisco ASA 5580 is a super-high-performance security platform equally well suited for deployment as a highly scalable firewall with up to 20 gigabits per second (Gbps) of throughput, as well as a 10,000 user remote-access concentrator for Secure Sockets Layer (SSL) and IP Security (IPsec)-based virtual private networks (VPN)."

For ASA model comparison click HERE.

ASA Threat Detection

Joe Harris on his 6200networks blog, has done a great write up on the PIX/ASA feature - Threat Detection.

"Threat detection uses historical rates over various firewall operations to provide: * Basic threat detection reports of possible attacks detected by firewall * Scanning threat detection based on host, subnet, port and general threat detected by firewall or inspection engines * Statistics based on host, port, or protocol * Top 10 list for each statistics type"