Cisco Support Community

New Member

Compatibility

Hello,

Can anybody tell me whether Cisco IDS and the Netscreen firewall 1000 are compatible with each other?

Thanks in advance.

1 REPLY
Cisco Employee

Re: Compatibility

Depends on what you mean by compatible.

Can they both run on the same hardware? NO

Each needs their own piece of hardware.

Can the Cisco IDS monitor off a hub or switch connected to one interface of the firewall? YES

In this respect the firewall is just like any other network device passing traffic.

Can the Cisco IDS create ACLs on the Netscreen firewall to automatically block connections? NO

Cisco IDS can only do automatic blocking with the Cisco Pix Firewalls, certain Cisco Routers, and the Cisco Catalyst 6000/6500 Switches.

Can the Cisco IDS execute TCP Resets when the connection is through a Netscreen firewall? I DON'T KNOW

The IDS will generate TCP Resets that are sent to the Server as well as the Client. The Resets will likely make it to the Client or Server sitting on the same side of the firewall as the sensor, but the Resets may not make it to the Client or Server on the other side of the firewall. Some networking devices do not accept the method used by Cisco IDS when transmitting the TCP Resets. I am not sure if Netscreen firewalls can pass these packets OK or not.

Marco
