Cisco's Host Sensor Platforms

Cisco also offers Host IDS to protect the service endpoints distributed in the network. The Cisco HIDS solution is based on Entercept functionality and augments Cisco's NIDS capabilities as proscribed in the AVVID architecture and SAFE blueprint. Two forms of the sensor are available, the Standard Agent and the Web Edition Agent. While both lend critical, focused functionality to the protection of host systems, the Web Edition includes all Standard Agent functionality and adds protective measures specifically for web servers. We'll discuss both of these agents next.

The software is distributed to the critical systems on the network, yet is controlled via a centralized, secure console for ease of management. From the Cisco IDS Host Sensor Console, administrators can configure and manage all sensors in the network. For instance, as new attack signatures are regularly made available by the Cisco Countermeasures Research Team (C-CRT), security administrators simply download the new signatures to the console, then upload them to the various NIDSs via a centralized process. Additionally, the Cisco VMS software can be used should administrators already be running CiscoWorks to manage other NIDS and security devices in the network. The Cisco IDS Host Sensor software is capable of protecting the following platforms: