Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Placing IDS and IPS

Hi,

Kindly brief about placement of NIDS in a bank network scenario and IPS placement also...

4 REPLIES
Community Member

Re: Placing IDS and IPS

Hi,

Kindly brief about placement of NIDS in a bank network scenario and IPS placement also..

Gold

Re: Placing IDS and IPS

You didn't get an answer because the question is too vague. I think that banks have different requirements depending on their size. As I recall, there can be different regulatory bodies involved (OTS vs OCC) based on size.

I would say at a minimum you should have IDS/IPS at all perimeter points. A bank should probably also have some sort of IDS/IPS protecting servers (Network and/or Host based).

You might take a peek here for some more high-level info:

http://www.ffiec.gov/ffiecinfobase/html_pages/it_01.html

Community Member

Re: Placing IDS and IPS

Hi,

I am having the same question, where to place the IPS at the Bank's Internet Zone (e-service/e-trade) for on-line banking.

The way I see it, placing the IPS in-line behind the firewall (high sec)is much better than placing it ahead of the front-end firewall (low Sec). That's would save security monitoring team a lot of time decoding/reacting to alarms the firewall will supposedly take care of.

Appreciate your advise.

Thanks

Sami

Community Member

Re: Placing IDS and IPS

Your deployment scheme depends on your setup and requirements. And sometimes it depends the product honestly. There are a lot of variables that you'll need to consider, that we can't help with here.

With that open question though, I'd say NIDS in-line behind the firewall or on the gateways themselves. Now if you have an ActiveScout IPS, you could put that in front of the network and let it do it's thing.

389
Views
4
Helpful
4
Replies
CreatePlease to create content