Could you reword your post.. .it is a bit confusing! given what you have provided, you would probably need a 4250 appliance ... but are you sure that the switch is being fully utilized? you may only be utilizing 5% of the switch, in which case you could use a 4235 appliance. First thing is to confirm that you are utilizing that much! Even the 4250 is going to peak out far before gigabit speeds and will start dropping packets... but you need to confirm that you are utilizing that much of your switch... the 3508XL has a backplane speed or forwarding bandwidth of 5Gbps... If you have that much traffic... good luck trying to capture and analyze all of it!
It may be that placement should be elsewhere (prior to this hop in the network from both directions, etc.), which would take care of this problem. If placement is confirmed to be in the proper placement, some changes in your network design at this particular point will probably be required in order to perform intrustion detection. IDS, no matter what the product (at this stage in development) cannot support this much information if indeed you are utilizing the switches backplane. Have you confirmed that you are having a full utilization at this point of the network! If not, then you should be covered with a 4250...
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :