Cisco Support Community

what's the difference between ASA & PIX for IPS function?

The question is the same as the title.

1 REPLY

Re: what's the difference between ASA & PIX for IPS function?

Hi,

In ASA, the IPS (AIP-SSM) provides proactive, full-featured intrusion prevention services to stop malicious traffic, including worms and network viruses, and functions similarly to the standalone IPS 4200 series. It can run in either inline or promiscuous mode.

In inline mode, you can divert inbound traffic from the outside interface destined for the inside/DMZ to the IPS module via the backplane for proper inspection. Logically, the IPS is sitting in the data path.

http://www.cisco.com/en/US/products/ps6825/index.html

For PIX, it only has a subset (something like less than 50) of IDS signatures to address well-known/basic intrusion threats. Actions are limited to reset, drop or alert.

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727a9.html#wp1101884

Obviously, IPS (AIP-SSM) is much better than PIX IDS.

Rgds,

AK
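The two approaches described in the reply above, side by side as configuration. This is an added example, not part of the original post. The names IPS_TRAFFIC, IPS_CLASS, ATTACK_POLICY and INFO_POLICY are illustrative assumptions, and the ASA part assumes an AIP-SSM is installed and the default `global_policy` policy map is in use.

```cisco
! --- ASA with AIP-SSM: divert matched traffic to the module ---
! Select the traffic the IPS module should inspect (here: all IP).
access-list IPS_TRAFFIC extended permit ip any any
!
class-map IPS_CLASS
 match access-list IPS_TRAFFIC
!
policy-map global_policy
 class IPS_CLASS
  ! inline: packets cross the backplane to the module and only
  ! return to the ASA data path if the IPS lets them through.
  ! fail-open: keep forwarding if the module is down.
  ! fail-close would block matched traffic in that case.
  ips inline fail-open
  !
  ! Alternative: the module receives a copy of the traffic and
  ! is not in the data path, so it cannot drop the original packet.
  ! ips promiscuous fail-open
!
service-policy global_policy global

! --- PIX: built-in IDS signature subset (ip audit) ---
! Attack-class signatures: alert, drop the packet, reset the connection.
ip audit name ATTACK_POLICY attack action alarm drop reset
! Informational-class signatures: alert only.
ip audit name INFO_POLICY info action alarm
! Apply both policies to the outside interface.
ip audit interface outside INFO_POLICY
ip audit interface outside ATTACK_POLICY
```

On the ASA, the choice between `fail-open` and `fail-close` decides whether a failed module becomes an inspection gap or an outage, so it should be set deliberately per traffic class.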
