08-28-2008 09:18 PM - edited 03-10-2019 04:16 AM
Hi all
I'm trying to design a data center security solution. I have a 6509-E with Sup 720 and FWSM. My concern now is whether to go for IDSM or a 4200 sensor. I know about the throughput limitations of both products. Can you all highlight any other pros and cons?
thanks
08-29-2008 01:48 AM
Outside of the throughput limitation, you might want to look at the number of physical interfaces, which could make a difference. Finally, the IDSM2 hardware platform is starting to be ancient compared to the latest 4260s and 4270s.
08-29-2008 05:37 AM
I would recommend going for the appliances. It gets pretty difficult to troubleshoot the network with FWSM and IDSM in the same chassis. EtherChannels, STP, MAC learning... you have to look at all that to see what exactly is happening in the network and the path taken by a particular packet. Since you have a 6500, you can load balance multiple IPS sensors using ECLB.
Also, the appliances are modular; you can add interfaces, etc.
Another downside is that most network monitoring/management software does not support the IDSM properly; this includes Cisco's LMS and BMC Visualis/Dashboard. You will find the IDSM as a 'disconnected' device on both the CiscoWorks Campus Manager and BMC Visualis (on the network diagrams).
Regards
Farrukh