Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
473
Views
0
Helpful
3
Replies

IPS Deployment

waridtel.com
Level 1
Level 1

‎10-16-2008 09:55 PM - edited ‎03-10-2019 04:20 AM

Hi,

I am new to IPS. Can anybody tell me what the basic policies that need to be configured on the IPS when deploying it in DMZ.

Thanks in advance.

Best Regards,

Rahim

Labels:
0 Helpful
3 Replies 3

abinjola
Cisco Employee
Cisco Employee

‎10-16-2008 10:34 PM

Well..if you are asking what signatures needs to be configured then I would say leave it at default signature configuration and you may tune it after a month once you notice a specific traffic pattern ...

Refer to this

http://www.cisco.com/en/US/docs/security/ips/5.1/configuration/guide/cli/cliguide.html

0 Helpful

waridtel.com
Level 1
Level 1
In response to abinjola

‎10-16-2008 10:48 PM

Hi,

Thanks for the help. I am actually more concerned regarding the placement of IPS and in which mode I should configure IPS.

1. Promiscous.

2. Inline.

Best Regards,

Rahim

0 Helpful

abinjola
Cisco Employee
Cisco Employee
In response to waridtel.com

‎10-17-2008 10:13 PM

See it depends on requirement...promiscous means in parallel to your network , which means the first packet would always go through the network/IDS and then IDS would start taking actions of consecutive packets..inline is blocking the very first packet..

see of this helps more..

http://www.cisco.com/en/US/docs/security/ips/5.1/configuration/guide/cli/cliInter.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card