cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
753
Views
0
Helpful
1
Replies

AIM-IPS in 18xx/28xx vs IOS IPS in 29xx series routers

kstarnes11
Level 1
Level 1

I am contemplating upgrade options for a 1841 equipped with an AIM-IPS card.  The IOS-IPS in the 18xx/28xx routers was limited in the number of active signatures and therefore we went with the AIM-IPS card.  Are there similar limitations with the 29xx series routers, or does the new platform’s added memory/processor speed eliminate the limitations with a purely IOS-IPS based solution?

So far I have been unable to find any documentation directly addressing limitations of IOS-IPS in 29xx routers so I thought I would check and see if anyone here had either found some documentation and/or had firsthand experience with IOS-IPS in the 29xx series.

1 Accepted Solution

Accepted Solutions

Scott Fringer
Cisco Employee
Cisco Employee

Yes, the IOS IPS feature set on all platforms carries the same signature engine limitations.  One variable limitation is the potential number of signatures that can be compiled into memory; this is based on available resources on the specific platform (and the reason for the 'basic' and 'advanced' IOS IPS category sets).  These two categories are provided to allow convenient configuration on low-memory (basic category) and high-memory (advanced category) routers.

The largest difference is that some signature engines available in Cisco's appliance/module-based solutions are not available in the software-based IOS IPS feature set.

Scott

View solution in original post

1 Reply 1

Scott Fringer
Cisco Employee
Cisco Employee

Yes, the IOS IPS feature set on all platforms carries the same signature engine limitations.  One variable limitation is the potential number of signatures that can be compiled into memory; this is based on available resources on the specific platform (and the reason for the 'basic' and 'advanced' IOS IPS category sets).  These two categories are provided to allow convenient configuration on low-memory (basic category) and high-memory (advanced category) routers.

The largest difference is that some signature engines available in Cisco's appliance/module-based solutions are not available in the software-based IOS IPS feature set.

Scott

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: