Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
603
Views
0
Helpful
1
Replies

Configure ASA5515-X with IPS as standalone IPS.

JonPBerbee
Level 1
Level 1

‎05-13-2013 01:05 PM - edited ‎03-10-2019 05:57 AM

There are instances in our organization when our customers need to have a standalone IPS device due to environment restrictions.  In the past we used the 4240 sensors which are now, or soon to be, EOL.  The upgrade path is the ASA 5515-X with IPS services and I have heard that the device will be able to operate as a standalone IPS device.

Does anyone know if this is indeed possible or does anyone have experience configuring the device this way?  It'd definitely be cheaper than going with the 4300 devices so I'd be interested in feedback on this.

Labels:
0 Helpful
1 Reply 1

rhermes
Level 7
Level 7

‎05-14-2013 12:10 PM

We've done this with ASA5500 models, so it's a safe bet you could do this with the ASA5500x devices as well.

The difference between using an ASA and an appliance for an IPS sensor is there's all sorts of firewall technology that you'll need to disable (as much as possible at least, you can't turn it all off) and I believe the sensor will be blind to layer 2 attacks.

- Bob

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card