Datasheet
Data Sheet
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 8 of 10
Query and Reporting
●
Low-latency, real-time event query
●
GUI that supports numerous default queries and customized queries
●
More than 150 popular reports, including management, operational, and regulatory
●
Intuitive report generation yielding unlimited customized reports
●
Data, chart, and trend formats that support HTML and comma seperated vector (CSV)
export
●
Live, batch, template, and e-mail forwarding reporting system
●
Easy to use query structure built for an effective drill down to the information in a specific
incident
Administration
●
Web interface (HTTPS); roles-based administration with defined privileges
●
Global Controller hierarchical management of multiple Cisco Security Monitoring, Analysis,
and Reporting Systems
●
Automated, verified updates, including device support, new rules, and features
●
Continuous compressed raw data and incident archive to offline NFS storage
Device Support
●
Network: Cisco IOS Software; Cisco Catalyst
®
OS; Cisco NetFlow; and Extreme
Extremeware
●
Firewall/VPN: Cisco ASA Software; Cisco PIX
®
Security Appliance; Cisco IOS Firewall;
Cisco Firewall Services Module (FWSM); Cisco VPN 3000 Concentrator; Checkpoint
Firewall-1 NG and VPN-1 versions; NetScreen Firewall; and Nokia Firewall Intrusion
detection: Cisco IPS; Cisco IDS; Cisco IDS Module; Cisco IOS IPS; Enterasys Dragon
NIDS; ISS RealSecure Network Sensor; Snort NIDS; McAfee Intrushield NIDS; NetScreen
IDP; OS; and Symantec ManHunt
●
Vulnerability assessment: eEye REM, Qualys QualysGuard, and McAfee FoundStone
FoundScan
●
Host security: Cisco Security Agent; McAfee Entercept; and ISS RealSecure Host Sensor
●
Antivirus: Symantec Antivirus, Cisco Incident Control System (Cisco ICS), Trend Micro
Outbreak Prevention Service (OPS), Network Associates VirusScan, and McAfee ePO
●
Authentication servers: Cisco Secure ACS
●
Host log: Windows NT, 2000, and 2003 (agent and agentless); Solaris; and Linux
●
Application: Web servers (Internet Information Server, iPlanet, and Apache); Oracle audit
logs; and Network Appliance NetCache, ISS Site Protector
●
Universal device support to aggregate and monitor any application syslog
●
Support additional and custom devices using the custom log parser feature
Cisco Security MARS continues to improve device support. For the comprehensive, up-to-date list
with supported version information, see:
http://www.cisco.com/en/US/products/ps6241/products_device_support_tables_list.html.