Another consideration is that your IPS is blind to attacks over SSL. One
optionis to do SSL offloading on a load balancer and put your IPS behind
the load balancer.
On Tue, Jun 25, 2013 at 10:30 AM, Carlos G Mendioroz <tron_at_huapi.ba.ar>wrote:
> Depends...
> if you have only one or if you have many.
> Outside is going to be generating lots of events, inside will be more of
> a security reassurance that your filters are working. That from an IDS
> point of view.
> If in IPS mode, inside interface would let you be much more aggresive.
> My .02
> -Carlos
>
> John Pelletier @ 25/06/2013 09:52 -0300 dixit:
> > This question revolves around quantity and placement of an IPS on a
> network.
> > It is my
> > understanding you would place your IPS as close as possible ie
> > internet facing ASA to
> > your outside network. Of course every situation is
> > different in regards to what you want
> > to protect so this is a more general aka
> > best practices question.
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> >
> >
>
> --
> Carlos G Mendioroz <tron_at_huapi.ba.ar> LW7 EQI Argentina
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
-- Marc Abel CCIE #35470 (Routing and Switching) Blogs and organic groups at http://www.ccie.netReceived on Tue Jun 25 2013 - 10:32:57 ART
This archive was generated by hypermail 2.2.0 : Mon Jul 01 2013 - 06:58:42 ART