Re: IPS 4240 5.0 inline mode configuration

arumugasamy · ‎09-30-2006

Dear Pros,

Please let me know the IPS placement for the following network scenarios i am implementing for my customer

-DSL internet connection terminated in Cisco 3825 internet router.

-3825 inside ethernet segmemt goes to PIX failover pair outside segment.

-PIX Failover pair inside zone now connected to the inside core 4510R switch in the separate vlan 32 (192.168.101.0).

-SVI ip address for inside pix zone is 192.168.101.1

-In the core i have created multiple floorwise vlans for each buildings

-Created SVI for L3 interface in the core for all the vlans

In this setup I want to insert the IPS in inline mode.

Please suggest me the suitable design to place the IPS to configure it as inline mode with configuration details.

Thanks

swamy

Fernando_Meza · ‎09-30-2006

Hi .. basically it depends on which segments you are trying to protect. If you are only interested about protecting the Inside segments from the internet. then the IPS could be placed inline between the Firewall's internal interface and the Core 4510R on Vlan32. This will provide protection for all you inside segments however because you are using the Core for Inter-vlan routing, traffic between your internal segments will not be inspected.

I hope it helps .. please rate it if it does !!

arumugasamy · ‎10-02-2006

Dear Fernando,

Thank you for your excellent info.

I can put inline with fw to protect all segments to internet.

But If i want to protect the each vlan then how can i configure the ips to protect?

What about inline vlan ips.

Please explain it in details.

Thanks

swamy

m.sir · ‎10-01-2006

Check this document about sensor placing

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_installation_and_configuration_guide_chapter09186a0080358053.html#wp479323

It always depends on your preferencies and data flows

M.