05-07-2012 06:16 PM - edited 03-10-2019 05:40 AM
I would like to get some sort of IDS box for my lab to work on while I study. Any recomendations? At my workplace we use SSM modules in our 5540's but we dont have nay in a lab environemnt and I really dont think they would appreciate me flipping switches on them.
I saw the 4200 series boxes, would they load 7. code? I also thought about a 5505 with an SSM module. Any feedback is appreciated, thanks
lp
05-07-2012 08:35 PM
Yes you can run 7.0.x code on 42xx series boes.
On 4270, you can load 7.1.3 or later.
Regards,
Sawan Gupta
05-08-2012 07:08 AM
what about the 4215? ITs the most economical unit. Thanks
05-09-2012 09:08 AM
Hello Lukeprimm,
Apologies for the delay in replying.
The 4215 only works in IDS mode, no IPS, so it can only work in promiscous mode not in Inline mode, Unless you get a 4FE PCI card please check:
http://www.cisco.com/en/US/docs/security/ips/5.0/configuration/guide/cli/cliinter.html#wp1040331
If that suits you! then indeed this is the best option available!
HTH
AMatahen
05-07-2012 11:18 PM
Hello Lukeprimm,
Yes true you shouldn't used the SSM used in your live envirnoment because while configuring the device you can easily get the CPU to go up to 100% which can cause problems if your SSM was implemented in Inline mode.
If you want to practice the GUI i would say the cheapest IPS available out there would do the job.
HTH.
AMatahen
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide