https://community.cisco.com/t5/network-security/validate-pix-ips-network-design/m-p/511684#M98787 <P>Attached is my network design of the PIX and the IPS in promiscuous mode (non-inline). It doesn't look sound:</P><P></P><P>1. Is it possible to set up the IPS in non-inline mode with two sensors? </P><P></P><P>2. Can the IPS direct blocking commands to the PIX through the Desktop Management console? If not, do I need to place an internal switch for the desktop console and the command/control interfaces of the PIX and IPS?</P><P>3. Other comments/suggestions?</P><P></P><P> </P><P></P> Sun, 10 Mar 2019 09:52:22 GMT vxnguyen 2019-03-10T09:52:22Z https://community.cisco.com/t5/network-security/validate-pix-ips-network-design/m-p/511684#M98787 <P>Attached is my network design of the PIX and the IPS in promiscuous mode (non-inline). It doesn't look sound:</P><P></P><P>1. Is it possible to set up the IPS in non-inline mode with two sensors? </P><P></P><P>2. Can the IPS direct blocking commands to the PIX through the Desktop Management console? If not, do I need to place an internal switch for the desktop console and the command/control interfaces of the PIX and IPS?</P><P>3. Other comments/suggestions?</P><P></P><P> </P><P></P> Sun, 10 Mar 2019 09:52:22 GMT https://community.cisco.com/t5/network-security/validate-pix-ips-network-design/m-p/511684#M98787 vxnguyen 2019-03-10T09:52:22Z https://community.cisco.com/t5/network-security/validate-pix-ips-network-design/m-p/511685#M98788 <HTML><HEAD></HEAD><BODY><P>Cisco IPS Version 5.0 Sensor can be configured either in the IPS (inline) mode or the promiscuous IDS mode. If your sensor already has more than one monitoring interface, no additional hardware is required to run Cisco IPS Sensor Software Version 5.0 in the IPS (inline) mode. IPS services require at least one monitoring interface pair (two monitoring interfaces). Cisco provides the option of upgrading sensors with a single monitoring interface to support multiple monitoring interfaces. For more information on the various IDS and IPS sensor platforms and part numbers, please refer to Cisco IPS 4200 Series Data Sheet located at: <A class="jive-link-custom" href="http://www.cisco.com/go/ips" target="_blank">http://www.cisco.com/go/ips</A></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_qanda_item0900aecd801e6a99.shtml" target="_blank">http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_qanda_item0900aecd801e6a99.shtml</A></P></BODY></HTML> Fri, 03 Feb 2006 20:50:20 GMT https://community.cisco.com/t5/network-security/validate-pix-ips-network-design/m-p/511685#M98788 b.hsu 2006-02-03T20:50:20Z https://community.cisco.com/t5/network-security/validate-pix-ips-network-design/m-p/511686#M98789 <HTML><HEAD></HEAD><BODY><P>Thanks. Here is my question restated:</P><P></P><P>Can the IPS 4255 be configured with more than 1 sensor interface in promiscuous mode. In other words, can I configure one IPS device with two or three sensor interfaces in Promiscuous mode (not inline).</P></BODY></HTML> Sat, 04 Feb 2006 08:53:57 GMT https://community.cisco.com/t5/network-security/validate-pix-ips-network-design/m-p/511686#M98789 vxnguyen 2006-02-04T08:53:57Z https://community.cisco.com/t5/network-security/validate-pix-ips-network-design/m-p/511687#M98790 <HTML><HEAD></HEAD><BODY><P>Thanks for the response. I understand a monitoring or sensing interface pair is required for IPS 4255 services in inline mode. In promisuous mode, can the Cisco IPS 4255 operate with just one monitoring interface.</P><P></P><P>Thanks.</P></BODY></HTML> Thu, 09 Feb 2006 05:54:13 GMT https://community.cisco.com/t5/network-security/validate-pix-ips-network-design/m-p/511687#M98790 vxnguyen 2006-02-09T05:54:13Z