Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPS Deployment

Hi,

I am new to IPS. Can anybody tell me what the basic policies that need to be configured on the IPS when deploying it in DMZ.

Thanks in advance.

Best Regards,

Rahim

3 REPLIES
Cisco Employee

Re: IPS Deployment

Well..if you are asking what signatures needs to be configured then I would say leave it at default signature configuration and you may tune it after a month once you notice a specific traffic pattern ...

Refer to this

http://www.cisco.com/en/US/docs/security/ips/5.1/configuration/guide/cli/cliguide.html

New Member

Re: IPS Deployment

Hi,

Thanks for the help. I am actually more concerned regarding the placement of IPS and in which mode I should configure IPS.

1. Promiscous.

2. Inline.

Best Regards,

Rahim

Cisco Employee

Re: IPS Deployment

See it depends on requirement...promiscous means in parallel to your network , which means the first packet would always go through the network/IDS and then IDS would start taking actions of consecutive packets..inline is blocking the very first packet..

see of this helps more..

http://www.cisco.com/en/US/docs/security/ips/5.1/configuration/guide/cli/cliInter.html

217
Views
0
Helpful
3
Replies
CreatePlease login to create content