Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Does PIX 515 Support IDS/IPS?

Recently I need to provide a firewall solution to my customer. I would like to propose Cisco PIX 515E to my customer. I knwo Cisco has a separate IDS (Intrusion Detection System) appliance, they didnt put too much effor into this category for their PIX firewall.

Anyhow, does the pix support IPS (Intrusion Prevention System) and IDS?

Cisco Employee

Re: Does PIX 515 Support IDS/IPS?

The pix does have some ids built-in. It's a small subset of the IDS/IPS signatures offered by the appliances. The signature ID's are kept the same across hardware (so signature ID 1000 on a pix is the same signature as on an IDS/IPS appliance).

You add IDS functionality on the pix via "ip audit xxx" commands.

PIX OS 6.3:

PIX OS 7.1:

(The 7.1 docs have a nice table of what signatures are supported natively by pis OS)

Those two links should provide you and overview of the IDS/IPS functionality and signatures available on the PIX itself.

ovt Bronze

Re: Does PIX 515 Support IDS/IPS?

Don't use built-in IDS in PIX. Either buy standalone sensor or ASA-5500 with AIP-SSM (which is IPS sensor too).

New Member

Re: Does PIX 515 Support IDS/IPS?


Thank for your reply. Can you tell me why you do not recommand me to use built-in IDS in PIX?

ovt Bronze

Re: Does PIX 515 Support IDS/IPS?

Because its functionality is extremely limited.

CreatePlease to create content