New MARS and CSM 3.2 Linkages

Some of you may of noticed Cisco Security Manager 3.2 was released at the end of March.

Now i managed to wing a beta of this earlier in the year, as there are some great new MARS linkages. I aslo produced a Demo which can be seen HERE, for a Seminar in London. (I`ll add the version with sound next week).

I`m not completely sure what will work today, as I created the demo using an early MARS 5.34 Beta, but the datasheets on Cisco.com for CSM which i have quoted below, give further info.

So whats new?

IPS Configuration

"Cross-collaboration with Cisco Security MARS enables event/anomaly investigation with immediate insight into policy deployment changes. This collaboration enables policy launching of historic and real-time events, encouraging tighter collaboration between network operations and security operations teams while keeping Cisco Security Manager policies in band. Insight and cross-collaboration decreases event investigation and troubleshooting, thus speeding resolution time. Cisco Security Manager and Cisco Security MARS collaboration enables interactive IPS event action filter creation, thus reducing your network's vulnerability exposure." - Source CSM 3.2 Datasheet


Enhanced Cisco Security Manager and MARS integration
– Ability to select syslog messages collected by Cisco Security MARS and launch to that specific rule in the Cisco Security Manager that generated the syslog
– Ability to select a rule in Cisco Security Manager and view historic or real-time syslog messages in Cisco Security MARS
– Ability to select an IPS signature in Cisco Security Manager and view historical or real-time events processed by Cisco Security MARS
– Ability to view IPS events in Cisco Security MARS and launch to that specific IPS signature in Cisco Security Manager. - Source CSM3.2 Bulletin

Finally some screenshots from the Datasheet....