02-24-2006 05:03 AM - edited 03-10-2019 01:54 AM
Recently I need to provide a firewall solution to my customer. I would like to propose Cisco PIX 515E to my customer. I know Cisco has a separate IDS (Intrusion Detection System) appliance; they didn't put too much effort into this category for their PIX firewall.
Anyhow, does the pix support IPS (Intrusion Prevention System) and IDS?
02-24-2006 05:27 AM
The PIX does have some IDS built-in. It's a small subset of the IDS/IPS signatures offered by the appliances. The signature IDs are kept the same across hardware (so signature ID 1000 on a PIX is the same signature as on an IDS/IPS appliance).
You add IDS functionality on the pix via "ip audit xxx" commands.
PIX OS 6.3:
PIX OS 7.1:
http://www.cisco.com/en/US/products/ps6120/products_command_reference_chapter09186a00805fb9f7.html
(The 7.1 docs have a nice table of what signatures are supported natively by PIX OS)
Those two links should provide you an overview of the IDS/IPS functionality and signatures available on the PIX itself.
02-25-2006 07:09 AM
Don't use the built-in IDS in PIX. Either buy a standalone sensor or an ASA-5500 with AIP-SSM (which is an IPS sensor too).
02-26-2006 05:45 AM
Hi,
Thanks for your reply. Can you tell me why you do not recommend that I use the built-in IDS in PIX?
02-26-2006 06:43 AM
Because its functionality is extremely limited.