IPS HA Solution

Unanswered Question
Jul 23rd, 2007
User Badges:

Hi Guys,

I did some research how Cisco IPS HA works, but no lucky to find out based on followed statement, anybody can explain how to achieve this ?

"Resiliency and redundancy can be delivered through unique network collaboration; for example, Hot Standby Router Protocol (HSRP) configuration and Cisco EtherChannel load balancing on Cisco Catalyst switches can divert traffic to a secondary IPS device upon the failure of a primary device."


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
rhermes Mon, 07/23/2007 - 12:52
User Badges:
  • Gold, 750 points or more

We run a few of these, but it's not terribly reliable. Any distrubance of the state of the Ethernet connection will cause the Catalyst to bounce a sensor out of the Etherchannel group (needing a manual reset). Most signature updates will do it. On the other hand, if you have a process fail in the sensor that doesn't cause the Ethernet interface to go down, the traffic is not re-routed to the other sensor(s).

Try reading this:

Configuring IPS High Bandwidth Using EtherChannel Load Balancing



This Discussion