Network IDS Redundancy

Hi,

Is it possible to set up 2 x IDS 4235 in redundant mode on the same link, e.g. active-active or active-passive?

Thanks.

Regards,

AK

3 REPLIES

Re: Network IDS Redundancy

I haven't seen anything that would allow you to configure a 'standby' IDS. Perhaps someone from Cisco could enlighten us as to whether a feature like that is coming down the pipes? I know I have a hard time just selling one IDS let alone redundant ones :)

You could however simply mirror the port that you wanted to monitor to two different ports, plugging a sensor into each of those ports that are being mirrored. You'd configure the management interface of the sensor with separate IP addresses.

Hope this helps some...

Denny

Re: Network IDS Redundancy

Hi Denny,

I agree with you. We can provide redundancy for Firewall, VPN Concentrator but not NIDS.

If I were to use port mirroring, then both NIDS will run in active-active mode, resulting in redundant responses (log/action). Another option might be the Master Blocking Sensor (in the same segment).

Thanks.

AK
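
The duplicate logging that the reply above expects from two sensors on mirrored ports can be collapsed at the collector. The following is an added sketch, not code from the thread or from Cisco; the alert fields, sensor names, signature IDs and the two-second window are assumptions. It merges matching alerts from both sensors into one event and flags events seen by only one sensor, which can indicate that the other sensor or its mirror port has failed.

```python
# Constructed sample alerts (not real sensor output):
# (epoch seconds, sensor name, signature id, source IP, destination IP, destination port)
ALERTS = [
    (1000.0, "sensor-a", 9001, "192.0.2.5", "198.51.100.9", 80),
    (1000.2, "sensor-b", 9001, "192.0.2.5", "198.51.100.9", 80),
    (1004.1, "sensor-b", 9002, "192.0.2.7", "198.51.100.9", 443),
    (1004.0, "sensor-a", 9002, "192.0.2.7", "198.51.100.9", 443),
    (1050.0, "sensor-a", 9001, "192.0.2.5", "198.51.100.9", 80),  # sensor-b silent
]


def correlate(alerts, window=2.0):
    """Merge alerts that share signature and flow, arrive within `window`
    seconds of each other, and come from different sensors."""
    events = []
    latest = {}  # (sig, src, dst, dport) -> most recent event for that key
    for ts, sensor, sig, src, dst, dport in sorted(alerts):
        key = (sig, src, dst, dport)
        ev = latest.get(key)
        if ev and ts - ev["first_seen"] <= window and sensor not in ev["sensors"]:
            # Second copy of the same detection from the other sensor.
            ev["sensors"].add(sensor)
        else:
            # New detection, or a genuine repeat reported by the same sensor.
            ev = {"key": key, "first_seen": ts, "sensors": {sensor}}
            latest[key] = ev
            events.append(ev)
    return events


def single_sensor_events(events, expected_sensors):
    """Events not confirmed by every expected sensor: a coverage gap to check."""
    expected = set(expected_sensors)
    return [ev for ev in events if ev["sensors"] != expected]


if __name__ == "__main__":
    merged = correlate(ALERTS)
    print(f"{len(ALERTS)} raw alerts -> {len(merged)} events")
    for ev in single_sensor_events(merged, ["sensor-a", "sensor-b"]):
        print("seen by one sensor only:", ev["key"], sorted(ev["sensors"]))
```
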


Re: Network IDS Redundancy

You could look at top layer load balancers for IDS for redundancy and resilience and monitoring multiple physically separate security zones.
