Cisco Support Community
New Member

Design Network IDS. Where to put IDSs?

I have a client with PIX 525 firewalls in their network. The firewalls have:

- Interface Inside to the inside network

- Interface Outside to the outside network (internet, routers, etc...)

- Interface DMZ1 to the DMZ network (Public servers)

- Interface Management to the Management network (CiscoWorks, syslog, etc...)

There are two firewalls, an active firewall and a failover firewall with stateful failover.

I want to improve the security with network IDS, and I have thought of installing two 4215s in the outside and DMZ1 networks.

What do you think?

Is it a good place to put the IDSs?

Throughput of Network IDS 4215 = 80 Mbps

What is the problem if the traffic is 100 Mbps?

Thanks

1 REPLY
New Member

Re: Design Network IDS. Where to put IDSs?

Hi ,

For the traffic from the internet to your servers, the packet will hit the outside interface of the PIX first. I'd suggest you put the sensing interface of the sensor on Interface Outside to monitor the traffic coming from outside to your network, and put the management interface under Interface Management so that the management application can communicate with the sensor more easily. And of course, the PIX is the blocking device in this topology.

Thanks

Tony
