Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPS Mode consideration!

Guys

in IPS World,where and when we shoud consider mode such interface pair/Vlan Pair?

Thanks

1 REPLY
Cisco Employee

Re: IPS Mode consideration!

Only on IPS 4200 series appliance you can configure either interface mode or inline vlan pair. On AIP module, there is no concept of interface pair as the sensing interface is through the backplane of the ASA firewall. On IDSM module, there is no interface as well, so only vlan-pair can be configured.

If you have multiple vlans that you would like the IPS to inspect the traffic, then you would use vlan-pair deployment. However, if you are routing everything through the IPS then interface pair deployment should be used.

224
Views
0
Helpful
1
Replies