Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1322
Views
0
Helpful
2
Replies

Cisco ASA 5525-X with FirePower and IPS license

sistematico
Level 1
Level 1

‎10-30-2015 03:23 PM - edited ‎03-12-2019 05:48 AM

I have 2 cisco 5525-x with firepower and the IPS license, I have configured the FireSight and the firewall, everything is working properly but i want to activate the IPS on it, since i have a lot of servers on my DMZ zone which thoses server are accesible from the inside and some of them also from the outside.

My question is if I activated the IPS would be any traffic block?, would it takes my network down? what are the risk if I enable the IPS?

Thank you all in advance.

Here is my network scheme in simple way.. 

Labels:
0 Helpful
2 Replies 2

prasmura
Cisco Employee
Cisco Employee

‎11-01-2015 08:24 PM

IPS will act based on signatures, by default enabling it should not drop or impact the existing traffic. (unless legitamate harmful traffic)

You can configure it first on passive TAP mode. In this mode the IPS will not drop any traffic instead only a copy of packet is sent to IPS to monitor the traffic.

0 Helpful

sistematico
Level 1
Level 1
In response to prasmura

‎11-02-2015 11:31 AM

Thanks, I will do that for testing,

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card