IPS desing for block traffic malicious.

kaiser2020 · ‎01-02-2020

Good morning, experts,

I have a question regarding the design level of how an IPS works with cisco catalys 2960 switches.

For an IPS to block malicious traffic on a catalys switch, is the switch port connected to the IPS configured as SPAN? Does the SPAN port have the ability to modify packets?

I have serious doubts about how the IPS influences the traffic.

I´m junior IT

balaji.bandi · ‎01-02-2020

Not sure where this 2960 in your network, if this is your access switch deploying IPS is no use here.

You need to deploy IPS in the Core network where most of the traffic passing in and out to protect network.

I suggest reading some deployment guidelines, pros and cons ( inline vs tap mode) - you need different other components to be in the network. ( at the stage we are not sure how big network you have - if you have any network diagram share, and how many endpoints or users devices ?)

https://www.cisco.com/c/dam/en/us/td/docs/solutions/SBA/August2012/Cisco_SBA_BN_FirewallAndIPSDeploymentGuide-Aug2012.pdf

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help