Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

IDS place

Where is the best place of IDS? outside firewall or inside firewall?

  • Other Security Subjects
1 ACCEPTED SOLUTION

Accepted Solutions

Re: IDS place

It depends on what you want to accomplish. If you want to see most every attack that is coming at you then you would put the IDS in front of the firewall. You will also be getting alot more information to manage but you can see who is trying what and how often. If you only want to try and catch anyone who gets past the firewall then put it behind the firewall. You get much less information to manage this way and you still can issues shuns to the firewall but unless you are monitoring your firewall very closely you will not see every attack or recon since the firewall shuold be catching and dropping most of that traffic.

2 REPLIES

Re: IDS place

It depends on what you want to accomplish. If you want to see most every attack that is coming at you then you would put the IDS in front of the firewall. You will also be getting alot more information to manage but you can see who is trying what and how often. If you only want to try and catch anyone who gets past the firewall then put it behind the firewall. You get much less information to manage this way and you still can issues shuns to the firewall but unless you are monitoring your firewall very closely you will not see every attack or recon since the firewall shuold be catching and dropping most of that traffic.

New Member

Re: IDS place

Thanks!

78
Views
0
Helpful
2
Replies
This widget could not be displayed.