Cisco Support Community

New Member

IDS Design Help

I am currently required to design an IDS layout for a future e-commerce server farm. The network will be built around a Cat6513 with 3-16port fiber blades. There will be 3 VLANs. I obviously want to monitor all 3 VLANs, but my dilemma is this:

The CAT 6513 has a backplane capable of 32 Gbps, and all the servers will be fiber connected. How do I monitor 3 VLANs, all with a potential of approximately 10GB of traffic, with Cisco IDS sensors? Do I place multiple 4250XLs on a given VLAN? And, if I do that, how do I evenly balance the traffic?

Second, how many IDS sensors can I place on that switch? It is apparently only capable of 2 SPAN ports, but am I correct that VACLs could be written to direct traffic to any number of ports, essentially offering me the ability to add unlimited sensors?


Cisco Employee

Re: IDS Design Help

Hi Don,

Even the upcoming IDSM2 blade on the upcoming 4.1 version will be supporting up to 500MB performance. This blade will have 2 sniffing interfaces, but for your situation, IDSMs do not seem feasible.

Your best bet is the 4250XL, which performs at 1GB and has 2 sniffing interfaces. You could deploy 2 of those.

As for the 10GB data, are you implying that you will be deploying 10GB LANs? The 4250XL has 1000BASE-SX (fiber) and 10/100/1000BASE-TX interfaces only. Also, there is no way to segregate traffic towards each sensor. The sensor's sensing interface is in promiscuous mode and will see all traffic.

You might have already taken a look at these, but just in case:

Capacity Verification for High Speed Network IDS