cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
474
Views
0
Helpful
1
Replies

What is the best IPS??

skherisat
Level 1
Level 1

hi all,

currently my compnay decided to buy an ips, i have a cisco 6509 one core siwthc, all my servers connected to the core and seprated through vlans, i want to make inline IPS from any vlan to other valn, 5 of my vlans have SVI, the rest is not so what is the optimal solution for me??? and is it possible to provide me with prices if possible???

1 Reply 1

jwjorgensen
Level 4
Level 4

So if only 5 of your vlans have an interface on the cat6509, then this must mean the other vlans are restricted only to communicate WITHIN the vlan. In order for each vlan to have inline protection between them, you would have to create a dummy vlan for each production vlan and set up inline vlan pairs on the IDSM. (I am making an assumption here) Of course, the same would hold true on IDS appliance, given that you have enough interfaces (you create an inline interface pair).

Alternatively, you could set up SPAN or VACLs for all of the vlans you want protected. Of course, you are losing the IPS capabilities to an extent as this would be more of an IDS solution. You could add blocking devices to the sensor and set the action to block host for the signatures that you want to blocked against.

HTH

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: