Cisco IDS Inline? (like ISS Proventia G)

Hi team!

I've been looking around cisco.com and I haven't found a solution based on Cisco IDS doing like an ISS Proventia G inline mode. The Internet Security Systems Inline Proventia G has basically 3 interfaces. The first is used for management (with an IP by then) and the 2 others not having an IP but being there to sniff. The G is acting like not being there but killing the bad traffic going through the two NIC being not visible. So, this is like a "tap".

Has Cisco something like that?

Thanks,

Dima

Dimitri Petrovich

Cisco is starting to approach that in its PIX firewall and IOS routers, with their ability to create "transparent" firewalls in some very new software releases.

I don't have information about the Cisco IDS line itself. PIX has poor-man's IDS.

Walter Roberson

Inline IPS came out with release 5.x of the IDS code. The new 4240 and 4255 sensors are IPS ("intrusion prevention system") out of the box and the older sensors can run inline with the addition of interfaces and a code upgrade to 5.x.

-DW

David West

Basically, all products that had IDS functionality (capturing traffic passing by and eventually influencing transport devices to filter out this traffic) are now moving to IPS functionality (working in-line).

As for IOS - it has IPS code from 12.3(8)T. New ASA appliances have IPS functionality in SSM-AIP modules. The IDSMv2 module for Catalyst 6500 also has in-line capability. Not to mention the former IDS 4200 appliances, which are now IPS 4200 appliances, with a number of interfaces and also in-line capability.

Start reading & searching for info here:

formatting link

Łukasz Bromir
