Cisco in Persian CSMARS
http://blog.shafagh.com/persian
http://forum.shafagh.com
2002 1331
10 MRTG
Receive . Port Utilization
Download Alert IDS (
IDS ISS IBM ) SQL
. ) (Worm . Signature IDS
) (Zero Day ) (Anomaly Detect
Scanning .
IDS Log
MRTG . Event Correlation Log
.
. Slammer
CS-MARS
Page 1 of 12
Slammer NIMDA Code Red (NIMDA
ADMIN !) Slammer Code Red (
)
Exploit IIS !
IIS CSA Cisco Secure
Agent Host Intrusion Prevention .
Protego MARS .
STM Security Threat Mitigation .
Oracle :
20,25,50,55,100,110,200,210,GC,GC2,GCR,GC2R
10200 !
0600 . Cisco Self-Defending Network .
IPS, Firewall .
.
IP GUI SSL .
pnadmin PNMARS Protego
License .
License License
:
License Dashboard :
Dashboard
Packet . 43 2661364
63 Data .
.
. 123
. 25 SMTP.
Incident . Incident
20 SMTP .
Session .
6500
. IP NAT
MARS .
Path Information Hacker Target :
MARS Access-list
MAC
SMTP .
Log .
.
Perimeter Security
BOX .
MARS :
Security Monitoring with Cisco Security MARS
PCI NAC
: Regularity
http://www.ciscopress.com/bookstore/product.asp?isbn=1587052709
http://www.ciscopress.com/bookstore/product.asp?isbn=1587052601
: Configuration Guide
http://www.cisco.com/go/mars
http://www.cisco.com/en/US/products/ps6241/tsd_products_support_configure.html
: SANS
http://www.sans.org/reading_room/whitepapers/logging/configuring_and_tuning_cisco_csmars_2044
!Update
June 3 2011 Update
. SIEM .