Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

interfaces allocations?

Hello Guys

let say am using IPS 4240,and i have servers on DMZ,here is it possible to allocates sensors ,1 on  inside,and 1 on outside and 1 DMZ  and C&C let say on inside..pls advise

Thanks

6 REPLIES
VIP Super Bronze

Re: interfaces allocations?

Hello alsayed,

IPS/IDS in mostly deployed on the outside perimeter devices and inside of perimeter devices.

Here is a document on understanding IDS/IPS for Defense in Depth:

http://www.sans.org/reading_room/whitepapers/detection/understanding_ips_and_ids_using_ips_and_ids_together_for_defense_in_depth_1381?show=1381.php&cat=detection

HTH

Reza

New Member

Re: interfaces allocations?

Hello riza

what about the sensing in DMZ?i have i-banking server in the dmz,,do i need to iniate a sensing  in DMZ?pls explain

Thanks

VIP Super Bronze

Re: interfaces allocations?

I think if you protect the outside before even getting to DMZ is good enough.  You could add another device in your DMZ, but do you have enough man power to monitor all the devices and go through their logs? Putting a device is not so much of issue, but management and monitoring is.

I have seen when there is too much logs to look at, they don't get look at at all.

Reza

New Member

Re: interfaces allocations?

hello Riza

as a conclusion,i ll out 1 sensore on the outside and 1 sensor in inside and the c&c also in inside,and the IPS run in inline mode

Pls advise

Thanks

VIP Super Bronze

Re: interfaces allocations?

Yes, in addition you can also use host based IDS on your end users workstations.

HTH

Reza

New Member

Re: interfaces allocations?

Thanks for ur Time Freind

174
Views
0
Helpful
6
Replies