Re: Service Modules in 6500s, IPS/IDS and Stand-alone options.
> Does the Service Module in the 6500 i.e. WS-SVC-ASASM1B-K9 come with or support an IPS/IDS option?
On the Cat6k5 is the IDSM2. Thats a completely outdated module with 500 MBit/s of throuput. For the Datacenter designs Cisco recommends the standalone IPS 4500 instead a module if you need good IPS throughput.
> Does a stand-alone ASA5500 come with an installed IPS/IDS option.
The ASA has build-in IPS with a fixed signature-set that is not such rerlevant. The better way of doing IPS on the ASa is to have an optional IPS-module. These modules are didicated hardware on the legacy ASAs (the ones without -X) and pure software-modules on the new ASAs. The 5585 is an exception where IPS is also a dedicated hardware-module.
Sent from Cisco Technical Support iPad App
-- Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...