|[ LiB ]|
The Cisco IDM is a compact Web graphical user interface (GUI) allowing you to tune signatures, configure signature groups, create custom signatures, and perform sensor administration and management tasks for an individual sensor. Its interface is similar to those of the IDS MC and Security Monitor for VMS. The main difference is that IDM doesn't include functions for configuring multiple sensors; for example, the configuration deployment workflow for sensors and sensor groups that is a core part of the IDS MC does not appear in IDM. The four tab sheets in IDM are Devices, Configuration, Monitoring, and Administration, allowing you to perform single-device configuration, management, monitoring, and administration tasks.
We don't go into IDM in great detail because it's self-explanatory and it incorporates a comprehensive online help. More importantly, by mastering the navigation and configuration tasks using the IDS MC that are covered throughout this book, you will inevitably gain a strong command of IDM. As a final note on IDM, it has the Network Security Database (NSDB) built-in. The NSDB , which we introduced in Chapter 3, "Intrusion Detection Overview," is a component of IEV that provides information and vulnerabilities that signatures protect against. Simply click on a signature ID to display its associated entry in the NSDB.
IDM recommends Netscape 4.79 or Internet Explorer 5.5 with Service Pack 2 (SP2) or higher as client browsers.
|[ LiB ]|