Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4662
Views
0
Helpful
4
Replies

IPS on the core router

Harutyun Hakobyan
Level 1
Level 1

‎03-20-2019 11:11 PM - edited ‎02-21-2020 08:58 AM

Hi,

 

Is it good practice to enable IPS on the core router to inspect internal traffic?

Please mention bad impacts to normal traffic.

On the edge firewall IPS is enabled.

 

Thanks

 

Labels:
0 Helpful
4 Replies 4

Dennis Mink
VIP Alumni
VIP Alumni

‎03-21-2019 12:22 AM

In mh opinion no. A core router should route traffic primarily (or more likely this is a layer 3 switch). Ips needs to be done on hardware that is made for it. In ciscos case: firepower

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

Dennis Mink
VIP Alumni
VIP Alumni

‎03-21-2019 12:23 AM

In mh opinion no. A core router should route traffic primarily (or more likely this is a layer 3 switch). Ips needs to be done on hardware that is made for it. In ciscos case: firepower

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎03-21-2019 01:18 AM

Cisco Best Practice to have dedicate device if the enviroment have high traffic, it also suggested not to enable any processon Core router, since it process major part of your network.

 

if you can post the topology we can suggest where to place this IPS to best outcome.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Harutyun Hakobyan
Level 1
Level 1
In response to balaji.bandi

‎03-21-2019 06:33 AM

Drawing1.jpg

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card