Cisco Support Community

IPS

Can you please tell me some issues a firewall can't solve that an IPS/IDS can?

Accepted Solution

Re: IPS

Hello tamuno,

Firewalls can block unnecessary traffic based on Layer 4 parameters: TCP/UDP ports, IP addresses, etc. This device, I can say, blocks around 70% of the unwanted traffic. Firewalls have basic IPS functionality in software, which is very limited in the total number of signatures (around 20).

If you are talking about full-fledged security, firewalls can't really do it (as told above). A simple example: if there is a mail server, the firewall will permit ports 25/110 into the inside network just by looking at the Layer 4 header. What if the attacker does a port sweep, finds that the firewall has 25/110 open, and introduces vulnerabilities on these open ports? Your network is vulnerable to attacks! The IPS will be the device here, which can inspect packets at Layer 7 (the application layer) and see whether the packets entering the network are allowed or denied. Combining a firewall and an IPS, network administrators can get 95% of unwanted traffic blocked.

Hope this helps. All the best. Rate replies if found useful.

Raj
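The distinction Raj draws, a Layer 4 rule that permits a port versus a Layer 7 check that inspects what travels over it, can be made concrete with a small simulation. This is an added example, not code from the thread or from any Cisco product: the packets, the mail server address 10.0.0.25, the rule table and both signatures are constructed for illustration. The two signatures are deliberately generic, a protocol-anomaly check (an SMTP command line longer than the RFC 5321 limit) and a fixed byte-pattern stand-in for a real content signature, so the point is how the two layers differ, not any particular exploit.

```python
"""Toy Layer 4 firewall vs Layer 7 IPS comparison (constructed example)."""
from dataclasses import dataclass

SMTP_MAX_LINE = 512  # RFC 5321 command-line limit in octets, including CRLF
MAIL_SERVER = "10.0.0.25"  # constructed inside address of the mail server


@dataclass
class Packet:
    src_ip: str
    dst_ip: str
    proto: str
    dst_port: int
    payload: bytes = b""


# Layer 4 rule set: only protocol, destination address and port are consulted.
FIREWALL_RULES = [
    ("permit", "tcp", MAIL_SERVER, 25),   # inbound SMTP to the mail server
    ("permit", "tcp", MAIL_SERVER, 110),  # inbound POP3 to the mail server
]


def firewall_decision(pkt: Packet) -> str:
    """First matching rule wins; anything unmatched hits the implicit deny."""
    for action, proto, dst_ip, dst_port in FIREWALL_RULES:
        if (pkt.proto, pkt.dst_ip, pkt.dst_port) == (proto, dst_ip, dst_port):
            return action
    return "deny"


def _overlong_smtp_line(payload: bytes) -> bool:
    """Protocol-anomaly signature: any command line over the RFC 5321 limit."""
    return any(len(line) + 2 > SMTP_MAX_LINE
               for line in payload.split(b"\r\n") if line)


CONSTRUCTED_MARKER = b"X-CONSTRUCTED-TEST-PATTERN"  # stands in for a real pattern


def _known_bad_pattern(payload: bytes) -> bool:
    """Content signature: a fixed byte sequence anywhere in the payload."""
    return CONSTRUCTED_MARKER in payload


# Layer 7 signature table: (name, ports the check applies to, matcher)
SIGNATURES = [
    ("smtp-overlong-command-line", {25}, _overlong_smtp_line),
    ("constructed-test-pattern", {25, 110}, _known_bad_pattern),
]


def ips_decision(pkt: Packet):
    """Inspect the application payload; return ('alert', name) or ('pass', None)."""
    for name, ports, matcher in SIGNATURES:
        if pkt.dst_port in ports and matcher(pkt.payload):
            return "alert", name
    return "pass", None


def evaluate(pkt: Packet) -> dict:
    """Run a packet through the firewall and then the inline IPS."""
    fw = firewall_decision(pkt)
    if fw == "deny":
        return {"firewall": fw, "ips": None, "signature": None, "final": "drop"}
    ips, sig = ips_decision(pkt)
    return {"firewall": fw, "ips": ips, "signature": sig,
            "final": "drop" if ips == "alert" else "forward"}


# Constructed sample traffic: one benign SMTP greeting, one probe to a closed
# port, one SMTP command with an argument far beyond the line limit, and one
# POP3 payload carrying the constructed marker.
SAMPLE_PACKETS = {
    "legit_smtp": Packet("203.0.113.7", MAIL_SERVER, "tcp", 25,
                         b"EHLO mail.example.com\r\n"),
    "telnet_probe": Packet("203.0.113.7", MAIL_SERVER, "tcp", 23, b""),
    "overlong_smtp": Packet("203.0.113.7", MAIL_SERVER, "tcp", 25,
                            b"MAIL FROM:<" + b"A" * 600 + b">\r\n"),
    "bad_pattern_pop3": Packet("203.0.113.7", MAIL_SERVER, "tcp", 110,
                               b"USER " + CONSTRUCTED_MARKER + b"\r\n"),
}

if __name__ == "__main__":
    for label, pkt in SAMPLE_PACKETS.items():
        print(f"{label:18} {evaluate(pkt)}")
```

Running it shows the gap the answer describes: the probe to port 23 is stopped by the firewall alone, but the overlong SMTP command and the marked POP3 payload both pass the Layer 4 rule set because the port is legitimately open, and only the payload inspection catches them.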


113 Views | 0 Helpful | 1 Reply