cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
495
Views
3
Helpful
3
Replies

IDS/IPS solutions-- Firepower, or open source server?

Hello.

My task is to investigate IDS/IPS solutions for my enterprise.

QUESTIONS:

1. ASA "Firepower" technology-- can this solution be implemented with only one ASA running Firerpower, or is an additional server needed?

2. This solution requires Firepower devices, with annual license renewals, at all our branches. There seems to be cheaper alternative options, such as High Performance Network Monitoring Solutions based on Open Source and Commodity Hardware. (ntop.org) , but I don't understand how these solutions expediently stop a threat.  With or without Cisco devices, are there any significantly cheaper yet still satisfactory Enterprise IDS/IPS solutions-- such as sending all data to a server to run IDS/IPS? What are your thoughts?

Thank you.

3 Replies 3

What asa platform you have ?

I think and I hope Mr.Rob also comment same is order new firepower which can add IPS to it.

Asa old and I think it waste of money add IDS/IPS to it.

balaji.bandi
Hall of Fame
Hall of Fame

Depends on what security expert internall have it.

Suricat

Snort (offer service directly)

zeek

I have used before and if you do not have any hands on experience, then  going with Vendor is viable solution.

Not that i need to mention here - I used Fortigate ( that is reasonable cost for mediam enterprise)

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

@jmaxwellUSAF you would not use ASA software or hardware, the ASA hardware is EOL. If using a Cisco solution you could use Firepower hardware with the FTD software image and the Threat/IPS license, this can all be managed centrally by on-premise FMC or in the cloud by cdFMC.

Review Cisco Networking for a $25 gift card