MARS supports multiple versions of NetScreen IDP. How this support is realized within MARS differs based on the version of the sensor that you are running.
â¢NetScreen IDP-Management Server-The NetScreen IDP Management Server is the management software for IDP version 2.x and 3.x sensors. Usually, the IDP-Management Server is installed on the IDP appliance. However, it can be removed from the IDP appliance an and installed on a Solaris or Linux server. In MARS, IDP v2.1 and 3.x are both supported as agents on a Linux host running IDP-Management Server.
â¢NetScreen Security Manager- (NSM) provide support for the following NetScreen sensors:
-NetScreen IDP 4.0
-NetScreen IDP 4.1
MARS does not support multiple reporting devices on the same host (as defined by reporting IP address), IDP-Management Server and NSM cannot co-exist on the same host unless they report to MARS via different IP addresses. However, you can define multiple sensors per management server.
Are you trying to firewall between the WLC and the access points, or between the WLC and the outside or other subnets? In essence, you are really not firewalling the wireless network, per se. You are firewalling the wired network, which may include traffic/subnets from the wireless network. Placement is dependent upon what needs to be protected from what.