IDSM vs IPS 4200

Aug 28th, 2008

Hi all

I'm trying to design a data center security solution. I have a 6509 E with Sup 720 and FWSM. My concern now is whether to go for IDSM or a 4200 sensor. I know about the throughput limitations of both products. Can you all highlight any other pros and cons?


jdive (Cisco Employee) Fri, 08/29/2008 - 01:48

Outside of the throughput limitation, you might want to look at the number of physical interfaces, which could make a difference. Finally, the IDSM2 hardware platform is starting to be ancient compared to the latest 4260s and 4270s.

Farrukh Haroon Fri, 08/29/2008 - 05:37

I would recommend going for the appliances. It gets pretty difficult to troubleshoot the network with FWSM and IDSM in the same chassis. EtherChannels, STP: you have to look at all that to see what exactly is happening in the network and the path taken by a particular packet. Since you have a 6500, you can load balance multiple IPS sensors using ECLB.

Also, the appliances are modular; you can add interfaces, etc.

Another downside is that most network monitoring/management software does not support the IDSM properly; this includes Cisco's LMS and BMC Visualis/Dashboard. You will find the IDSM as a 'disconnected' device on both the CiscoWorks Campus Manager and BMC Visualis (on the network diagrams).



