IPS Inline mode for IDSM2

Unanswered Question
Jun 12th, 2008

Hi All,

We are trying to deploy IDSM2, which is acting in promiscous mode at this moment to act as inline ..We are understanding that, there are couple of methods by which we can deploy that,one by making interface pair config and other in vlan pair.........We are trying to deploy in vlan pair for the reason to support vlan in pair on those gigx/7 and Gigx/8 ,making those in trunk mode.

We are curious,whether there are any limitations on this mode when compared to the interface pair mode.

Any help is really appreciated

Thanks

Regards

Anantha Subramanian Natarajan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Farrukh Haroon Thu, 06/12/2008 - 07:44

Not really, there is no limitation that I know of. We run four IDSM-2 separated in two CAT6513 chassis, and I am not aware of a single feature that is unavailable in Inline Vlan pair (and is available in Inline interface pair).

For 4200 series sensors with physical interfaces, hardware bypass is perhaps one notable difference.

However I would except the experts on this forum to comment more on this :)

Regards

Farrukh

TradeSecrets Thu, 06/26/2008 - 12:31

I have a few IDSM2's deployed.. They seem to choke after so much through-put. Also watch the number of signatures. If they get too high it will effect performance. Some signatures are worse than others.

When you put the IDMS-2 inline, you have to watch through put. When you say interface pair for you mean attach via SPAN port. If so, this only gives IDS, but through-put is less of an issue.

Actions

This Discussion