Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
440
Views
0
Helpful
1
Replies

4215IDS

ssingh
Level 1
Level 1

‎04-12-2005 07:45 AM - edited ‎03-10-2019 01:23 AM

I have a Public/Private network with a PIX between the 2 segments. I want to add the IDS4215. Question where shoudl I place this box? Parallel to the PIX or Inline with the PIX. Thannks fo rthe help

Labels:
0 Helpful
1 Reply 1

a.arndt
Level 3
Level 3

‎04-12-2005 10:34 AM

My response assumes your IDS-4215 is running Cisco IDS version 4.1 software.

In your case, I'd suggest that you would want to watch the Internal network side of the PIX. A TAP on the line between your PIX and the next physical device will give you great coverage, assuming you want to run passively and don’t prefer using SPAN.

Doing this will serve two purposes. First, it will confirm that whatever traffic your PIX has allowed to pass is not malicious, and will notify you if it is. Second, it will give you an indication if anything resident on your Internal network is trying to pass any undesirable traffic out through the firewall (i.e. – a walk-in worm)

If you happen to have an IDS-4FE-INT installed on your IDS-4215, you could actually watch both sides of your firewall, but this is normally only done where you're either really paranoid or impelled by something, such as policy, to do so.

I hope this helps,

Alex Arndt

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card