05-25-2008 01:36 AM - edited 03-10-2019 04:07 AM
Dear All,
I need your advice and recommendation related to the ASA and IPS version
I am going to have more then a half a dozen ASA-5510(Baseline) with AIP-SSM-10 implmentation in next 2 days.
Which ASA version is recommended from CISCO version 7.x or Version 8.x. One thing I decided is to go for the IPS version 6.1 (for AIP-SSM10). is there any specific ASA version I should run inorder to run IPS-6.1
Please do advice me
Thanks
05-27-2008 02:28 AM
Hi,
If you plan to use the virtualization capabilities of the AIP-SSM, eg more than one virtual sensor per device You should use version 8.x, otherwise version 7.x will do the job.
good luck.
05-27-2008 07:32 AM
Is this virtuallization capability of AIP-SSM is depend on version of the ASA.
I thougth that version 6.1 of IPS is requrired to do virutalization which I am going to install.
I am confused can you please explain this to me in detail
TIA
05-27-2008 08:48 AM
Hi,
Virtualization support for AIP-SSM was introduced with version 6.x so version 6.1 is cabable of that. Up to four virtual sensors are supported.
The idea behind virtualization is that You can send different class of traffic to different virtual sensors (every sensor with its own signature, rule and anomaly detection definition)
But only in ASA 7.3 and later versions You can specify the name of the virtual sensor to whom You want to send the traffic.
ips {inline | promiscuous][fail-open | fail-close} [sensor sensor_name] <<---
Earlier versions will send all the traffic to the default vs0.(the [sensor sensor_name] option is missing)
As far as I know the latest ASA software is 724 from the 7.x series, so if You want virtualization You must use the 8.x versions.
hth
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide