Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

IPS position

i have one doubt my network is scenario is first firewall ASA 5580 one DMZ netowork and one inside network ips is connected to INSIDE network its connected into switch does it monitor DMZ traffic. please let me know.

regds

rsreddy

1 REPLY
Gold

Re: IPS position

The ASA 5580 is a pretty big firewall and it does not have a slot for an AIP-SSM IPS module. What model IPS sensor(s) do you have? Idealing you would like to monitor the DMZ and the internal network. Look at some traffic stats on your firewall to see if your sensor can handle the total bandwidth of both DMZ and Internal networks. Did you plan on putting your sensor in-line? Do you have enough sensor interface pairs?

165
Views
0
Helpful
1
Replies
CreatePlease to create content