Ideas regarding improvements in my network?

Unanswered Question
May 22nd, 2008

Hi

Currently I've got the following setup for a medium sized firm, not expecting too much growth in the near future.

Internet

|

|

Router1--Router2

(Active) (Standby)

| |

ASA1------ASA2

(Active) (Standby)

| |

Internal Router

Any thoughts how I can improve this? i.e would it be a good idea to add IPS on my external routers (They are 2851) or shoudl I get a separate IPS. What else can you think of that I could add either to the existing routers or switches or as separate units? And where would the units be placed?

Thanks

Dan

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Amit Singh Thu, 05/22/2008 - 08:36

Hi Dan,

You can add AIM-IPS on the 2851 routers for you gateway level IPS services. You can add CSC content service module on the ASA's which will give you, Anti-SPAM,Anti-Phishing, Content Filtering, URL filtering etc. capabilities.

That should take care of perimeter based security. If you want the Host based security and the end-point security you can also think of putting CSA along with Cisco NAC solution.

-amit singh

Actions

This Discussion