IDSM vs IPS 4200

Unanswered Question
Aug 28th, 2008

Hi all

I'm trying to design a data center security solution. I have a 6509 E with sup 720 and FWSM. My concern now is whether to go for IDSM or a 4200 sensor. I know about the through put limitations of both products. Can you all highlight any other pros and cons ?

thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jdive Fri, 08/29/2008 - 01:48

Outside of the troughput limitation, you might want to look at the amount of physical interfaces that could make a difference. Finally, the IDSM2 hardware platform start to be ancient compared to the latest 4260's and 4270's.

Farrukh Haroon Fri, 08/29/2008 - 05:37

I would recommend going for the appliances. It gets pretty difficult to troubleshoot the network with FWSM and IDSM in the same chassis. Etherchannels, STP, MAC-Learning.......you have to look at all that to see what exactly is happening in the network and the path taken by a particular packet. Since you have a 6500, you can load balance multiple IPS sensors using ECLB.

Also the appliances are modular, you can add interfaces etc.

Another downside is most network monitoring/management software(s) do not supported the IDSM properly, this includes Cisco's LMS and BMC Visualis/Dashboard. You will find the IDSM as a 'disconnected' device on both the Ciscoworks Campus Manager and BMC Visualis (on the network diagrams).

Regards

Farrukh

Actions

This Discussion