Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
500
Views
5
Helpful
1
Replies

IPS reactions in passive mode

dehghan
Level 1
Level 1

‎05-05-2005 02:20 AM - edited ‎03-10-2019 01:26 AM

Hi

we are planning to deploy cisco IPS 4200 series on our network. We have a redundant network so what I need is an a device that would react to threats(via acl, shun, resets) while in passive mode ( using span or taps). couple of questions

1- Is this device capable of preventing threats whilein passive mode.

2- What is the diffrence between cisco IDS and IPS series ?

Thanks

Labels:
0 Helpful
1 Reply 1

msocarras
Level 1
Level 1

‎05-05-2005 05:16 AM

Hi!

The Cisco 4200 IDS series work as IPS also when used with version 5.0. This means that you can use an IDS/IPS device as a tap in a line to "prevent" attacks by not passing attacking packets. Of course this is a mode of operation, and if you just want to use the device as IDS you can. As IDS you will "monitor" VLANs o ports usually, from a span port. The IDS will alarm and send resets (if configured for) to prevent attacks. You can also configure the IDS to put ACL on border routers or PIX to stop the offending traffic (this may require some tedious and carefull config).

Consider deploying Cisco ASA5500 appliances also. They are IDS/IPS, FW, VPN, and much more.

http://www.cisco.com/go/asa

Mario S.

CCIE #14047

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card