We have a New project with IDS 4250 and catalyst 5500
Hello, We have a new project with IDS and We wants to install the IDS 4250 (chassis, s/w, SHH, 1000BaseSX w/ SC connector) in our LAN We have a Catalyst 5500, with a 1000BaseSX port. We want to monitor the traffic of 6 VLAN or even more in this 1000BaseSX port of the Catalyst 5500, it has sense? or is better to install an IDS 4235 for each VLAN?
We also are going to use the VMS 2.1 to manage this IDS.
Re: We have a New project with IDS 4250 and catalyst 5500
What you really need to watch is the sum of the real peak rates (in duplex mode) of all the ports of the Vlan's you need to monitor in the worst operational scenario of your network. If that sum exceed 1GB, the switch will drop packets after the Rx queue get full. In that case, the IDS 4250 will miss these packets. With the IDS 4235 the same math applies with each Vlan and a peak rate of 200Mbps. You also need to consider the throughput of each IDS device (500MB and 200MB) for your calculations.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...