
Blocking question on IDSM blade

mpruden
Level 1

We currently have a Cisco 6509 with an IDS blade being managed by the Cisco Secure Policy Manager. I have three related questions. If I want to enable the blocking function identified in the CSPM, i.e., be able to automatically block certain types of alerts for a defined period of time, can I perform this function by directing the internal MSFC routing module to handle the blocking function, or do I have to perform this blocking function with an external firewall or router? Related question: if we can use the MSFC routing module, how does fast switching (route first, switch the rest) type functionality affect this capability? Are there any performance benefits to choosing one method over the other?

Thanks

Mike

Accepted Solutions

marcabal
Cisco Employee

The IDS blade can be configured within CSPM to perform the blocking on the MSFC similar to any other IOS router. It has been tested and is fully supported.

Alternatively, you can also configure the IDS blade to perform the blocking directly on the Supervisor using VLAN ACLs.

As for:

> Related question, if we can use the MSFC routing module, how does fast switching (route first, switch the rest) type functionality affect this capability. Are there any performance benefits to choosing one method over the other.

Each time the ACLs on the MSFC are changed (by either a user or the IDS blade), the current streams are rechecked against the new ACL. So functionality-wise it works fine with fast switching.

I cannot, however, comment on the performance when using the MSFC or another device.
