Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1075
Views
0
Helpful
2
Replies

IPS and Firewall

rakeshsharma3000
Level 1
Level 1

‎01-03-2005 08:59 PM - edited ‎03-10-2019 01:13 AM

Since we now have inline IPS box which is going to sit between your outside network and inside network and going to analyze traffic before it reaches the host on either end. Now if you have firewall box, even that's going to analyze the traffic and make sure it conforms to the security policies. So we have two boxes which is going to analyze the traffic. that means PIX is going to analyze the traffic and again IPS is going to analyze the traffic. Doesnt that effect the traffic. Some competitors have firewall and IPS in the same box, which means they have to analyze the traffic only once, whereas in our case we are analyzing the traffic two time.

Any comments.

Labels:
0 Helpful
2 Replies 2

nkhawaja
Cisco Employee
Cisco Employee

‎01-05-2005 11:00 AM

if sensor is inline and placed before firewall, it will drop the packets before they reach the firewall. hence there will be no duplicate analysis of traffic.

0 Helpful

rakeshsharma3000
Level 1
Level 1
In response to nkhawaja

‎01-07-2005 08:06 AM

But when valid packets pass through the IPS, then the firewall again needs to analyze it. So are we not doing the same stuff again.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card