Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPS Feature on Select Routers and Firewalls

My first question is what is the difference in the IPS feature on a RVS4000 router and a SA 500 series firewall when the rvs4000 does not require a yearly sub and the sa 500 series does?

Also is there currently a cisco product that does IPS and can handle a 50Mbps connection without trottling it?

Everyone's tags (5)
6 REPLIES
New Member

Re: IPS Feature on Select Routers and Firewalls

RVS4000

  • IPS signatures are generic
  • IPS signatures are not configurable at all
  • IPS signatures are updated roughly around once a year
  • IPS is a free feature
  • Turning on IPS is resource intensive and brings your maximum throughput down to roughly ~22 Mbps

SA500 Series Routers

  • IPS signatures are less generic
  • IPS signatures are configurable in the sense that you can ignore, track, or track and act upon the each signature individually
  • The IPS signatures are updated roughly around four times a year
  • IPS is a paid for feature
  • Turning on IPS is resource intensive and brings your maximum throughput down to roughly ~22 Mbps

ASA and Above Routers

  • IPS signatures are robust
  • IPS signature are completely configurable for the most part
  • The IPS signatures are updated roughly once a week
  • IPS is a paid for feature that requires an extra piece of hardware
  • Turning on IPS is resource intensive and but depending on the extra piece of hardware you purchase the sky is the limit in regards to throughput!

I hope this helps. Anyone feel free to correct me if I'm wrong.

New Member

Re: IPS Feature on Select Routers and Firewalls

So in looking at cdw.com website for the asa5505 is the firewall edition bundle is that what would be considered the IPS featured firewall then?

New Member

IPS Feature on Select Routers and Firewalls

You just surpassed my level of expertise.  You need to ask this very question in the following forum:

https://supportforums.cisco.com/community/netpro/security/intrusion-prevention?view=discussions

Good Luck!

Silver

Re: IPS Feature on Select Routers and Firewalls

I have moved this post from Small Business Security to the current location.

Regards,
Cindy Toy
Cisco Small Business Community Manager
for Cisco Small Business Products
www.cisco.com/go/smallbizsupport
twitter: CiscoSBsupport

Regards, Cindy If my response answered your question, please mark the response as answered. Thank you!

Re: IPS Feature on Select Routers and Firewalls

For the ASA 5505, you will need to look at a bundle that inclues the SSC-5 IPS hardware module.  The link below provides additional details regarding the various bundles and SKUs available.

http://www.cisco.com/en/US/customer/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_bulletin_c25-528621_ps6120_Products_Bulletin.html

New Member

Re: IPS Feature on Select Routers and Firewalls

Ok so take newegg for example they have several of these under 1k but I am not sure other than users what makes them different.

http://www.newegg.com/Product/Productcompare.aspx?Submit=ENE&N=-1&IsNodeId=1&Description=asa%205505&bop=And&CompareItemList=-1|33-120-073^33-120-073-02%23%2C33-120-076^33-120-076-S01%2C33-120-072^33-120-072-08%23%2C33-120-135^33-120-135-TS

Users would be IP addresses that it is talking to on the local network that it considers users?

Also the link you showed me refers to a "K8" and "K9" for both the 50 and unlimited user bundle. Then the unlimited user one has a security plus license bundle. These security plus things those are part of the software that would run on the users machines? like the trend micro application?

736
Views
5
Helpful
6
Replies