kaiser2020
Beginner

IPS design for blocking malicious traffic.

Good morning, experts,
I have a question regarding the design level of how an IPS works with Cisco Catalyst 2960 switches.
For an IPS to block malicious traffic on a Catalyst switch, is the switch port connected to the IPS configured as SPAN? Does the SPAN port have the ability to modify packets?
I have serious doubts about how the IPS influences the traffic.
 
I'm junior IT
balaji.bandi
VIP Expert

Not sure where this 2960 is in your network; if this is your access switch, deploying an IPS is no use here.

You need to deploy the IPS in the core network, where most of the traffic passes in and out, to protect the network.

I suggest reading some deployment guidelines and pros and cons (inline vs tap mode) - you need different other components to be in the network. (At this stage we are not sure how big a network you have - if you have any network diagram, share it, and how many endpoints or user devices?)

https://www.cisco.com/c/dam/en/us/td/docs/solutions/SBA/August2012/Cisco_SBA_BN_FirewallAndIPSDeploymentGuide-Aug2012.pdf



BB


*** Rate All Helpful Responses ***

kaiser2020
Beginner

Hi,
I have a simple network; the firewall has several interfaces and does the routing.
I have more or less this scheme: 20 servers, 120 users.
I don't know where to put or connect the IPS to protect against, e.g., lateral attacks between users within the same VLAN.