02-21-2012 10:49 AM - edited 03-04-2019 03:22 PM
Hi Guys
Pls can u help me to setup the Physical connectively of IPS 4240 on the Internet edge with the ASA 5520 ,Pls how the topology will be
Pls Have a look to the attached Topoogy,if this a good design with IPS Appliance at nternet Edge
thanks
02-22-2012 01:23 PM
While inline as you show would work (and is arguably more secure), some folks prefer to have the appliance's interfaces both connected to the internal switch on an "inside" and "outside" VLAN.
That is a bit easier to implement and, should it ever need to be taken offliner it can be done with simple switch configuration vs. moving cables.
I wonder if you also need to protect a DMZ with IPS?
02-22-2012 05:38 PM
As Marvin said, injecting an IPS inline to the path serves as the best protection as each every traffic in the path would be analyzed. The only issue with your IPS model accompanied with inline mode is, there is a lack of hardware inline bypass. But , it supports software bypass.
Thanks
Vivek
02-23-2012 02:52 AM
Guys
Pls can y update the topology with ideal design
thanks
02-23-2012 03:27 AM
Whatever you have in place is an ideal design.
02-23-2012 08:56 AM
guys
Pls one Favor,can u update the topology with two IPS for redundancy at the Internet edge,how the physical connectivity would appear
thanks
02-23-2012 05:28 PM
Based on your diagram i don't see a point of having redundant IPS when you don't have a redundant firewall, router & switch.
02-24-2012 01:59 AM
Hi Vivek
I m going to have redundant fashion at the Internet edge
02-24-2012 03:27 AM
Does that mean, you would have dual internet + router + Firewall + Switch?
Thanks
Vivek
02-24-2012 04:24 AM
Hi Vivek
yes y right, 2 Internet router (3825) 2 asa 5520 2 ips 4240 2 core 4500, acting as core
Pls vivek can u draw the topology for me for the IPSs,routers,ASAs at the Internet edge that describe the physical connectivity of the devices
frankly speaking i didn't find diagram matching the described topolgoy so i seeking ur help
thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide