We are looking to implement IDS in our network. Here is a rundown of our network. Two external routers running BGP to two separate ISPs. Also we have a 7100 VPN router on the external net due to the fact that we are using NHRP for the VPN. Next is the redundant PIX firewalls. Two DMZs and the internal network that has our Frame cloud attached to it.
Now I am thinking of getting the 4215 and putting an interface on the external and the two DMZs. Then eventually getting another IDS for both the internal and Frame cloud networks.
Since the 4215 will have 5 monitoring interfaces and 1 command interface, you have a lot of flexibility. The device can process up to 80Mbps whether using 1 or 5 interfaces - so keep that in mind.
Placing monitoring interfaces on the outside of the firewall can lead to a tremendous number of events, some or a lot of which may be false positives, unless you are running FW Feature Set on the 7200s. The PIX pair will filter a good bit of the traffic out, so it may make sense to put the interfaces on the 2 DMZs and perhaps one on the inside. Just keep in mind the 80Mbps total can be passing to the 4215. Everything after that will not be reviewed for matches.