IDSM inline VLAN pairing

Unanswered Question
Oct 23rd, 2007

We have cat 6509 switch with FWSM, IDSM-2, NAM modules. Customer wants all the internal VLAN's to be monitored by IDSM in inline mode. Customer has around 400 VLANS in datacenter and wants to monitor all communications between VLAN's. How do I monitor all VLAN's when IDSM has 2 data ports and can only span 255 vlan groups per port?

Please suggest!


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
trodecke Mon, 11/26/2007 - 13:32

I don't know if anyone is still watching this or not but that's a lot of VLANs to go through a (single?) IDSM. Technically you should be able to do it by splitting the VLAN pairs across the two data ports (i.e. vlan 2-200,1002-1200 on DP 1 and vlan 300-500,1300-1500 on DP 2). Considering each IDSM only has a throuput of 500MBps when deep scanning, you're going to potentially be limiting your throughput considerably if you do this.


This Discussion