We have a client that has 2 ASA 5516-X, one they want as an IDS only (inline) and the other as their Firewall. The firewall will be the gateway for their VLANs. The topology is as follows:
Endpoint ---L2 Switch (multiple VLANs) ---- ASA (Intrusion Detection only) --- ASA (FW) ---- Router----outside
We are looking for assistance with the configuration of the ASA IDS. The ASA IDS will also need to send logs to a SYSLOG server and also be managed with TACACS.
Thank you for your assistance.