learning IDS?

Unanswered Question
May 7th, 2012

I would like to get some sort of IDS box for my lab to work on while I study.  Any recomendations? At my workplace we use SSM modules in our 5540's but we dont have nay in a lab environemnt and I really dont think they would appreciate me flipping switches on them.

I saw the 4200 series boxes, would they load 7. code?  I also thought about a 5505 with an SSM module.  Any feedback is appreciated, thanks

lp

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sawgupta Mon, 05/07/2012 - 20:35

Yes you can run 7.0.x code on 42xx series boes.

On 4270, you can load 7.1.3 or later.

Regards,

Sawan Gupta

lukeprimm Tue, 05/08/2012 - 07:08

what about the 4215?  ITs the most economical unit.  Thanks

a.matahen Wed, 05/09/2012 - 09:08

Hello Lukeprimm,

Apologies for the delay in replying.

The 4215 only works in IDS mode, no IPS, so it can only work in promiscous mode not in Inline mode, Unless you get a 4FE PCI card please check:

http://www.cisco.com/en/US/docs/security/ips/5.0/configuration/guide/cli/cliinter.html#wp1040331

If that suits you! then indeed this is the best option available!

HTH

AMatahen

a.matahen Mon, 05/07/2012 - 23:18

Hello Lukeprimm,

Yes true you shouldn't used the SSM used in your live envirnoment because while configuring the device you can easily get the CPU to go up to 100% which can cause problems if your SSM was implemented in Inline mode.

If you want to practice the GUI i would say the cheapest IPS available out there would do the job.

HTH.

AMatahen

Actions

Login or Register to take actions

This Discussion

Posted May 7, 2012 at 6:16 PM
Updated May 7, 2012 at 6:21 PM
Stats:
Replies:4 Overall Rating:
Views:392 Votes:0
Shares:0
Tags: ids
+