Solved

Where to place a Cisco 5510 ASA with IPS?

Posted on 2011-03-11
3
733 Views
Last Modified: 2013-11-29
Hi,

I need a solution to best place a cisco asa 5510 with IPS on my network. I have the WAN (Internet)  a DMZ (Proxy Server) and LAN (Domain) of another cisco asa 5520 for my network and would like to know where would be the best place to fit/place this new ASA 5510 with IPS.

Thanks
0
Comment
Question by:CBB
3 Comments
 
LVL 3

Expert Comment

by:tearman
ID: 35109527
You might consider placing it between the WAN and your older ASA.  This would allow you to utilize the IPS more effectively in this case without having to completely uproot your older ASA (which I assume isn't an option).
0
 

Author Comment

by:CBB
ID: 35109601
I don't want to remove the ASA 5520. I want to have both of  them on the network but I'm not sure where to place the ASA 5510 with IPS. Was thinking of placing the IPS either on the DMZ or LAN of the existing ASA 5520.... ?????
0
 
LVL 33

Accepted Solution

by:
MikeKane earned 500 total points
ID: 35112480
You would want to place the ASA with IPS along the most used network channel that would need protection.    If you are protecting the internal network, then I would say place it between the existing ASA and the internal LAN to watch that traffic.    If it is for the DMZ  you would want to place it there.       Ideally, the IDS would be at the center point of the network so that the ASA with IDS would hand both zones for inside and DMZ allowing for maximum coverage.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 10 Errors 11 79
Fraud Email 22 84
ow do I browse the internet secretly? 6 57
Cisco 3650x ACL 8 12
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Smart phones, smart watches, Bluetooth-connected devices—the IoT is all around us. In this article, we take a look at the security implications of our highly connected world.
how to add IIS SMTP to handle application/Scanner relays into office 365.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question