Cisco Support Community

New Member

IDS 4215 - inline IPS mode


We have an IDS4215, which has recently been upgraded to 5.1.1. This was to enable the IPS functionality within the device.

I want to implement the IDS 4215 in IPS mode but I may need it to protect traffic between a number of different subnets (VLANs). We have 1 firewall with virtual interfaces supplying the 3 VLANs in our DMZ (trunked from the firewall). The 1st virtual interface provides access to our reverse proxy VLAN 111 that accepts SSL connections to our web site. This then terminates the connection and forwards the requests to the web site (VLAN 222) in clear HTML which is sent through the same trunk to the firewall (virtual interface VLAN 222). The web server then sends data/requests to the database, which resides in a separate VLAN 333, again through the same trunk to the firewall (virtual interface 333).

Can I set up inline IPS protection to protect communications between all these VLANs (firewall virtual interfaces)? If so, how do I go about doing it? Will it work if I set up VLAN pairs on the IPS device? Can I set up multiple VLAN pairs for the same interface? Do I need to use virtualisation because I don't think the 4215 supports this?

What is the best practice for setting up IPS in this type of environment?

Thanks in advance!

New Member

Re: IDS 4215 - inline IPS mode

I just had a thought. I couldn't use VLAN pairs as the traffic will need to pass through the firewall and not directly from 1 VLAN to the other via the IPS.

So I guess my question is, can I implement the IPS inline on a trunk port to the firewall for traffic travelling from one virtual interface to another via that trunk?
