I'm trying to design a data center security solution. I have a 6509 E with sup 720 and FWSM. My concern now is whether to go for IDSM or a 4200 sensor. I know about the through put limitations of both products. Can you all highlight any other pros and cons ?
Outside of the troughput limitation, you might want to look at the amount of physical interfaces that could make a difference. Finally, the IDSM2 hardware platform start to be ancient compared to the latest 4260's and 4270's.
I would recommend going for the appliances. It gets pretty difficult to troubleshoot the network with FWSM and IDSM in the same chassis. Etherchannels, STP, MAC-Learning.......you have to look at all that to see what exactly is happening in the network and the path taken by a particular packet. Since you have a 6500, you can load balance multiple IPS sensors using ECLB.
Also the appliances are modular, you can add interfaces etc.
Another downside is most network monitoring/management software(s) do not supported the IDSM properly, this includes Cisco's LMS and BMC Visualis/Dashboard. You will find the IDSM as a 'disconnected' device on both the Ciscoworks Campus Manager and BMC Visualis (on the network diagrams).
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...