Re: IPS

["Scholz, Greg" <gscholz () KEENE EDU>]

I also thought Cisco made a PIX blade for the 6509? Is that not still
the case? And also an IDS blade?  Never used them, but I would hope that
with what Cisco charges these pieces would nicely integrate.

_________________________
Thank you,
Gregory R. Scholz
Lead Network Engineer
Information Technology Group
Keene State College
(603)358-2070
 
--Lead, follow, or get out of the way. 
(author unknown)
 

-----Original Message-----
From: John Kaftan [mailto:jkaftan () HOTMAIL COM] 
Sent: Thursday, July 20, 2006 10:51 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] IPS

Thanks to all who have responded to my IPS question.  Looks like Tipping

Point is the IPS of choice.  It looks like the Tipping Point is an
in-line 
device.  This works great for an internet connection but I am not sure
how I 
would use it to secure inter-VLAN traffic.  I am also concerned about 
traffic between my VLANs.  Since I have a MSFC on a 6509 to handle my 
routing.  I do not see where the Tipping Point device would sit.

I am thinking about moving to having a seperate FW to handle all of my 
routing between VLANS  That way I could place the IPS in-line between my
FW 
and the core switch.    Also I would have added security of a firewall
at 
the core rather then just access lists.

I am wondering if any manufactures have included IPS in their firewall
so I 
could use one device to do it all.

Thoughts?

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar - get it now! 
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/