Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 530
  • Last Modified:

IOS IPS on Cisco Routers

I have several 2800 Series Routers at several of my clients locations.  I am in the process of Upgrading the IOS on these routers, and after doing some reading I saw that some IOS software also have IPS built in.  I am just curious if anyone out there has used the IOS IPS, and if so how do you like it?  Is it very complex to setup?  Has it been more useful than painful?  This is something I am thinking about configuring at these customer locations.  Thanks
0
denver218
Asked:
denver218
  • 3
  • 2
1 Solution
 
surbabu140977Commented:
If you are configuring IPS, there must be a purpose. What is the meaning of "you like it or not"? IOS IPS is not leisure activity. If you are configuring IPS, it's assumed you know IPS.

If you want to compare the IOS IPS with some other IPS product, please clarify.

Setup is not complex. You probably need 12.4(15)T3 or later with SDM 2.5. If you use SDM it will take probably 10-15 mins to set it up.

Security features are is always painful and useful. If you know exactly what you are doing, probably it will be a good feature to add in. Make sure your customer routers are not already loaded, else enabling IPS will crash them, if the routers are already loaded.

Best,
 
0
 
surbabu140977Commented:
Btw you need 128MB or more DRAM and at least 2MB free flash memory and a current Cisco IPS Service Contract for licensed signature update services.

Best,
0
 
denver218Author Commented:
Thanks.  I know the purpose of IPS.  I have setup and configured IPS in the past, I have just never used the Cisco IOS IPS, and was curious if it was something others were successfully using, if they liked it, felt is was sufficient, played friendly, etc.  I have used other brands of IPS before some I really like and some that I didn't.  I would like to implement IPS at some on my customer locations.  I thought maybe I could save my customers money by using the cisco IOS IPS since they already have 2821 routers which are not being over untilized at all.  My customer routers are alreay configured and are in production, so if I would enable IPS it would crash them?  This is something I would want to do before I configured the router?  Thanks for all your input.
0
 
surbabu140977Commented:
Make sure you have Cisco IPS Service Contract for licensed signature update services, else no point in the IPS. This is going to cost you extra $$$.

You can definitely go ahead and implement it. Setup is easy as told earlier using SDM, but CLI  would give you granular level control. It's not complicated though. One day reading will be enough to start with CLI commands. Just upgrading the IOS and the enabling basic IPS feature won't crash your routers for sure.

Best,
0
 
denver218Author Commented:
Thanks
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now