Solved

INLINE CISCO IPS

Posted on 2013-01-23
1
480 Views
Last Modified: 2013-11-29
Hi,

I have CISCO VSS with many vlans. I would like to implement Cisco  FW and Cisco IPS  so all the traffic can pass through these devices.Any ideas how to design this setup or any related docs ?

Thanks
0
Comment
Question by:1w3
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 5

Accepted Solution

by:
Leeeee earned 500 total points
ID: 38810785
There's a few options you can look at, if you want all internet bound traffic to pass through the IPS/FW, simply place a default route on the core pointing to the firewall that connects to the internet edge router. All traffic will be subject to inspection.

Inline placement is also a consideration. The below is a guide focused more on standalone IPS, but you could make it work with the IPS module in the firewall:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5729/ps5713/ps4077/prod_white_paper0900aecd806e724b.html

http://www.caysec.com/2010/09/intrusion-prevention-best-practice-ips.html
0

Featured Post

Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question