Is IDS/IPS part of a default ASA 5505?

scubaed13 · ‎03-19-2010

I am taking over a customer, and they want to know about the potential of a IDS/IPS

with their ASA5505. But, I can't tell if it's default or an additional license.

Panos Kampanakis · ‎03-19-2010

The IPS cards for the 5505s are sold separately.

I hope it answers the question.

PK

scubaed13 · ‎03-19-2010

The way I have come to understand it, there is a basic set of signatures, DOS Attacks, etc., that are included, but the fancier application layer stuff is additional, correct?

Jennifer Halim · ‎04-03-2010

Not really, there are no basic signature on the ASA itself. ASA has inspection engine for a few protocols but it has different functionality to IPS inspection engine. Here is the ASA inspection if you are interested:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/i2.html

In regards to DOS attacks, there is basic threat detection in ASA, and here is the URL for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/t.html#wp1482339

Hope that helps.