From: Yinglam Cheung (ccie6961@yahoo.com)
Date: Tue Dec 05 2006 - 19:37:28 ART
This doc speaks well for what sensor interface can be configured inline mode
for IPS:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids12/hwguide/h
wintro.htm#wp511489
You can configure AIP-SSM to operate inline even though
it has only one sensing interface.
----- Original Message ----
From: Kal Han
<calikali2006@gmail.com>
To: Yinglam Cheung <ccie6961@yahoo.com>
Cc: Jerry
McVoy <jmcvoy2000@hotmail.com>; security@groupstudy.com;
ccielab@groupstudy.com
Sent: Monday, December 4, 2006 10:34:27 PM
Subject: Re:
IPS In-line
The hardware for IPS is very different from rest
of the sensors.
I dont know if you can call the
one on ASA as an interface. Its a backplane.
There is no physical network card for that.
The way SSM works is, it uses
input and output
interfaces from the regular ASA interface ( 4 interface )
The
data is just put on the backplane to go to
the SSM card, and after inspection
is done, traffic is
sent out again using the regular ASA interfaces.
The one
interface you see on the card is
C&C interface.
On 12/4/06, Yinglam Cheung
<ccie6961@yahoo.com> wrote:
>
> normally requires two, but the IPS module for
ASA with one port works
> in-line
> also.
>
>
> ----- Original Message ----
>
From: Jerry McVoy <jmcvoy2000@hotmail.com>
> To: security@groupstudy.com;
ccielab@groupstudy.com
> Sent: Monday, December 4,
> 2006 9:09:51 PM
>
Subject: IPS In-line
>
>
> How many interfaces do you need on an
> IPS sensor
to do in-line mode?
>
This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:36 ART