2 Different Blocking Devices

logintck · ‎05-02-2006

Router--FW-DMZ-PIX--Interal Network

I have a UDS 4215 to monitor all traffic to/from internal Network & use PIX as blocking device

Now I would like to monitor all traffic in DMZ and use router as blokcing device

May I do that?

Thanks

Fernando_Meza · ‎05-02-2006

Hi .. definetely ... with IPS you can use a PIX, Router and CAT 6500 as blocking devices. Just locate the sensor in oine between the DMZ interface and the servers located on teh DMZ segment and configure the router as blocking device !!!.

you can find info on this link

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a00803eb01e.html#wp1030293

I hope it helps .. please rate it it does !!!

logintck · ‎05-02-2006

May I do this?

Using Router as block device to protect DMZ only

and

Using PIX as block device to protect Internal network only

a.giorgi · ‎05-03-2006

logintck

Yes you can.

You need to define two blocking profile in case the pix and router have diferent users names and password. If are the same, only one profile is necesary.

Then define 2 blocking devices

At last define only the routing blocking device indicating name of interface, direction and pre and post ACL (optional)

The pix doesn't need to be defined as blocking device because the IPS use the shun command.

I hope this help to you.

Alberto Giorgi from spain. (A new kid in this block)