I am looking to setup an IDS for a small business ~30 workstations. I have used open source products in the past such as Snort/Acid/Sguil. I just need to have a port on the router/switch to receive all the packets on a certain network segment. I don't think that i need a $2000 device just to use port monitoring on a switch. Are there any economical product recommendations for a switch or a firewall/vpn with a "monitoring port"?
Is there a way to set up a similar setup without wasting a switch to this. We currently run all our traffic through a Cisco 3600 and and then out through the firewall. So is it possible to set a port on the router to do the same as the switch monitoring port or do we have to get a switch in between the router and the firewall.
If you're looking to get by with the least expense possible, you could use a plain old 10BaseT Broadcast Hub between your router and firewall. I assume that your internet access is DSL speeds or less, so the hub will not be a bottleneck. I havn't seen a good or easy way of using a router to copy traffic.
Well the line is a 10Mbit and behind it is about 1500 workstations so I would not stick an old hub out there. But ok thanks you answered the questions. So I'll order a new switch.
The problem is the rackmounts are getting really crowded and the AC in the server room is working very hard during the summer so I was hoping I could avoid throwing another heat source and space taker in there.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :