Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Is IDS/IPS part of a default ASA 5505?

I am taking over a customer, and they want to know about the potential of a IDS/IPS

with their ASA5505.  But, I can't tell if it's default or an additional license.

Everyone's tags (2)
4 REPLIES
Cisco Employee

Re: Is IDS/IPS part of a default ASA 5505?

The IPS cards for the 5505s are sold separately.

I hope it answers the question.

PK

New Member

Re: Is IDS/IPS part of a default ASA 5505?

The way I have come to understand it, there is a basic set of signatures, DOS Attacks, etc., that are included, but the fancier application layer stuff is additional, correct?

Cisco Employee

Re: Is IDS/IPS part of a default ASA 5505?

Not really, there are no basic signature on the ASA itself. ASA has inspection engine for a few protocols but it has different functionality to IPS inspection engine. Here is the ASA inspection if you are interested:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/i2.html

In regards to DOS attacks, there is basic threat detection in ASA, and here is the URL for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/t.html#wp1482339

Hope that helps.

New Member

Re: Is IDS/IPS part of a default ASA 5505?

There are basic IPS signatures in the base ASA code/feature set.

See attached picture of IPS Signatures in my ASDM.

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/conns_protect.html#wp1056358

4516
Views
0
Helpful
4
Replies
CreatePlease to create content