IPS Appliance (4500 and 4300) interface redundancy
Around interface redundancy (A.K.A. interface bonding): our design actually includes a catalyst switch and a couple of IPS appliances 4500, an etherchannel configured with 2 SPF+ cables, one to each IPS. As you might know this are 10Gbps links. This as you see has a layer of resilience by having 2 IPS etherchanneled into the Catalyst.
Now, if one cable fails or interface fails, can we configure any sort of interface bonding or semi-automatic setup with a extra link (in standby or not active) given that we might have spare 10Gbps ports on the switch AND on the IPS? Is there a best practise or something around this? I think the ASA firewalls have a command called "member-interface" which allow this type of redundancy but I think I have not seen this on the CR for the IPS OS. ( see http://yurisk.info/2010/08/23/redundant-interfaces-in-cisco-asa/)
ProblemTaking a snapshot of ISE virtual machines is not supported but it still happens occasionally due to administrators taking a snapshot manually or an integrated technology that automatically takes snapshots to back up VMs. When taking a snapsho...
Hi all, Is it available on Stealthwatch 7 Client or web interface the ability to import the Netflow Exporters names? I found only the possibility to configure manually the name of each Netflow Exporter, but not a bulk configuration.
User Experience Enhancements
As part of Cisco Customer Experience program, we are working towards a more uniform user experience and terminology harmonization. This program runs across all Cisco security products.
We are ali...
Join us on Thursday, October 10 at 10 am PT to meet the CEO and Founder of Cisco's most recent security investment.
In today’s cybersecurity arms race, how does Cisco stay one step ahead in the battle against attackers? One key strategy is keeping tabs on...