We are looking to install both IDS and PIX components on one server. I was reading some of the items in the forum and was given the impression that it would be better if the two were split and installed on different servers. Can someone please share their results and what works best. Thanks
With the two co-existing on the same server will there be a performance issue??? We have over 40 IDS sensors and over 30 PIX firewalls. Would you recommend the same set up??? We are essentially looking for the most optimal performance from this software.
The VMS and the Management centers within it are robust enough to hand upto 300 devices. So you are ok having these 70 devices managed from a single server.
The thing that needs to be taken care of is the Security Monitor which receives the alarms / events from these devices. If the devices are too chatty, they will overwhelm the server, in that case, you could have the Security Monitor on a separate server and leave the IDS and PIX MCs on the other.
Security Monitor sustains receiving upto 500 events/sec. This is sufficient in most of the environments.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :