Cisco MARS 4.3.4 and 5.3.4 Out Now

Cisco MARS Versions 4.3.4 for Gen1 Appliances, and 5.3.4 for Gen2 Appliances has just been released.

You can find here, the release notes for 4.3.4 and 5.3.4

New Features

As mentioned on an earlier post, the CSM 3.2 Video i created on Demolabs, was done with a 5.34 Beta Code, these features are now possible!

Improved CSM-MARS Linkage. "With Security Manager 3.2 and MARS 4.3.4 and 5.3.4, you can modify access rules generating the MARS event seamlessly from the read-only policy table popup window, which displays all rules associated with an event, by clicking the highlighted access rule number without starting Security Manager separately. Similarly, you can navigate to the signature summary table in Security Manager from MARS events associated with IPS sensors and IOS IPS devices and alter the signature properties. This feature enables you to map a syslog message to the policy that triggered that message and modify it simultaneously, thereby reducing time spent configuring and troubleshooting access rules in large or complex networks.

Additional improved support includes:

–Support for MARS to launch CSM and authenticate using stored login credentials.

–Improved support for firewall and IPS policy rule lookups.

–From Policy Query, you can edit a signature on an event or define a filter on the CSM device to perform device-side tuning.

–Edit IPS signatures that fired an inspection rule.

–Edit IPS signatures that fired an inspection rule."

Improved Global Controller-Local Controller Group Synchronization. "In the x.3.4 releases, MARS changes how source and destination information found in Global Controller rules is shared with managed Local Controllers. (This change is in support of CSCse03237: Changes made to GC network groups are not propagated to active LC rules.) "

Update to intrusion prevention, and intrusion detection, and vulnerability assessment signature sets

And of course the usual bugfixes.