Cisco IPS 4240 vs. Cisco ASA AIP SSM-10 Module?
Why would I buy the Cisco IPS 4240 over the Cisco ASA AIP SSM-10 Module?
Considering I don't need the extra bandwidth of the IPS 4240 and the AIP SSM-10 requires an ASA 5510, what are the differences? They both seem to protect against the same number of threats.
ASKER
The best and most exciting answer I've received on E-E to date. Thank you.
ASKER
If I may ask you two simple questions I'm sure you could answer?
1) Why do the Cisco IPS 4200 series and AIM-SSM solutions only work on port 80 and 22 traffic? I see other (much more expensive) solutions from SourceFire and HP Tipping Point work on a wide range of protocols, but they urge against it. I'm assuming most exploits happen over 80 and 22, plus it is too difficult for one person to manage a multi-protocol setup if it isn't their dedicated job.
2) Because the Cisco IPS 4200 series has multiple ports and virtual interfaces, can I get double the fun by having it inline before my ASA firewall scanning multiple T1s and also place it on my core switch stack scanning my inside VLANs? Would you advise against this? Something like the 4240 I could possibly get approved if these are the possible results. Then I could use my ASA 5510 module port for the CSC-SSM-20, possibly in the future! I am the dedicated security guy where I work and wouldn't mind the challenge and ongoing monitoring.