Can the Cisco IDS monitor off a hub or switch connected to one interface of the firewall? YES
In this respect the firewall is just like any other network device passing traffic.
Can the Cisco IDS create ACLs on the Netscreen firewall to automatically block connections? NO
Cisco IDS can only do automatic blocking with the Cisco Pix Firewalls, certain Cisco Routers, and the Cisco Catalyst 6000/6500 Switches.
Can the Cisco IDS execute TCP Resets when the connection is through a Netscreen firewall?
I DON'T KNOW
The IDS will generate TCP Resets that are sent to the Server as well as the Client. The Resets will likely make it to the Client or Server sitting on the same side of the firewall as the sensor, but the Resets may not make it to the Client or Server on the other side of the firewall. Some networking devices do not accept the method used by Cisco IDS when transmitting the TCP Resets. I am not sure if Netscreen firewalls can pass these packets OK or not.