Solved

Where to place a Cisco 5510 ASA with IPS?

Posted on 2011-03-11
3
732 Views
Last Modified: 2013-11-29
Hi,

I need a solution to best place a cisco asa 5510 with IPS on my network. I have the WAN (Internet)  a DMZ (Proxy Server) and LAN (Domain) of another cisco asa 5520 for my network and would like to know where would be the best place to fit/place this new ASA 5510 with IPS.

Thanks
0
Comment
Question by:CBB
3 Comments
 
LVL 3

Expert Comment

by:tearman
ID: 35109527
You might consider placing it between the WAN and your older ASA.  This would allow you to utilize the IPS more effectively in this case without having to completely uproot your older ASA (which I assume isn't an option).
0
 

Author Comment

by:CBB
ID: 35109601
I don't want to remove the ASA 5520. I want to have both of  them on the network but I'm not sure where to place the ASA 5510 with IPS. Was thinking of placing the IPS either on the DMZ or LAN of the existing ASA 5520.... ?????
0
 
LVL 33

Accepted Solution

by:
MikeKane earned 500 total points
ID: 35112480
You would want to place the ASA with IPS along the most used network channel that would need protection.    If you are protecting the internal network, then I would say place it between the existing ASA and the internal LAN to watch that traffic.    If it is for the DMZ  you would want to place it there.       Ideally, the IDS would be at the center point of the network so that the ASA with IDS would hand both zones for inside and DMZ allowing for maximum coverage.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question