Anybody knows about a "Best Practices Guide" to deploy FWSM and IDMS-2 on the same Catalys 6500?
Something like , what is the best way to configure FWSM and IDMS-2 to protect the same VLANS?
I?m asking it because I?m configuring a 6513 Catalyst on a costumer with FWSM, IDSM-2 and Guard modules on the same chassis and I?m facing a lot of trouble to find the best way to make all working together.
Hi .. I have implemented FWSM and IDSM-2 on the same chassis .. I have not implemented Guard sorry .. but It all depends of your network design ( which VLANS will be using IDS and which ones IPS protection). We also had a CPOC where it was found that there are some minimal issues when traffic traverses VLANs which are IN-LINE mode protected .. some signatures will not fired ocasionally . There were also some software dependencies. In our scenario FWSM is running 2.3(4) and IDMS-2 are running 5.1 .. everything works OK.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...