I am currently required to design an IDS layout for a future e-commerce server farm. The network will be built around a Cat6513 with 3 16-port fiber blades. There will be 3 VLANs. I obviously want to monitor all 3 VLANs, but my dilemma is this:
The CAT 6513 has a backplane capable of 32 Gbps, and all the servers will be fiber connected. How do I monitor 3 VLANs, all with a potential of approximately 10GB's of traffic, with Cisco IDS sensors? Do I place multiple 4250XLs on a given VLAN? And, if I do that, how do I evenly balance the traffic?
Second, how many IDS sensors can I place on that switch? It is apparently only capable of 2 SPAN ports, but am I correct that VACLs could be written to direct traffic to any number of ports, essentially offering me the ability to add unlimited sensors?
Thanks.