We deployed both the 4250 sensor and the beta of the new VMS 2.1 console in our Neohapsis partner lab in Chicago. A Cisco engineer helped us get the 4250 feeding data into the system. The 4250, a beefed-up sensor with a gigabit interface and hefty hardware (dual Intel Pentium III 1.2-GHz processors), can receive data in multiple formats, including Cisco POP and standard syslog. With a few configuration changes on the sensor and from the VMS interface, we were able to get everything communicating.
VMS reinstates one of our favorite event viewers, which took a brief hiatus with the release of the Cisco IEV (IDS Event Viewer). The VMS event viewer lets you dynamically sort IDS alert data based on just about any field type--source/destination IP address, alert type, reporting sensor--which makes it easy to slice and dice attack data. Although the functionality existed in earlier revisions of the Cisco Secure Policy Manager (CSPM), this iteration is completely Java-based. A Win32 interface still offers some advantages, such as right-click pull-down windows, that we missed with VMS.
|
Good
IDS event viewer from CSPM was carried over.
Best central management Cisco has put out. Bad
User interface is difficult to use and not very intuitive.
Product appears to have trouble with changes. Product cannot correlate data from different device types. |
VMS allows for the grouping of sensors and policies, which aids in controlling large deployments. For example, by placing multiple sensors in predefined groups, administrators can push configuration changes out to multiple sensors simultaneously. VMS also tracks policy updates and configuration changes, allowing organizations some accountability regarding proper change control.
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
