[c-nsp] ASA/AIP-SSM-10 to replace a IDS-42xx

Fred Reimer freimer at ctiusa.com
Fri Oct 19 11:39:42 EDT 2007


You can put the ASA in transparent mode so that you don't have to
"route" through it, but the traffic does have to pass through the
device.  The external Ethernet interface on the AIP is strictly
for management only...



Fred Reimer, CISSP
Senior Network Engineer
Coleman Technologies, Inc.
954-298-1697




-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
jcovini at free.fr
Sent: Friday, October 19, 2007 11:16 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] ASA/AIP-SSM-10 to replace a IDS-42xx

Hi,

Is it possible to use an ASA with an AIP-SSM-10 like a "simple" IDS
sensor? Idea is to span a vlan on a switchport, then connect and use
the physical GE interface featured on the AIP-SSM-10 module to sniff
traffic and report alerts. No IPS functionality is needed.

Is such a way of using AIP-SSM sensor possible? Or, do I have to
filter the traffic thru the underlying ASA appliance absolutely?

Basically, I don't want to add a routing/firewall instance on my
network. Just a transparent IDS.

-jc
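
Added example, not part of either message above: a sketch of an ASA configuration matching the reply, with the appliance bridging in transparent mode and the AIP-SSM receiving a copy of the traffic in promiscuous (IDS-only) mode. The ACL name, class-map name and interface roles are assumptions, and the access rules needed to let traffic through the transparent firewall are not shown.

```cisco
! Assumed names: IPS_TRAFFIC (ACL), IPS_CLASS (class-map).
! Switch the ASA to Layer 2 (bridging) mode so it is not a routed hop.
firewall transparent
!
! The two data interfaces that the monitored traffic passes between.
interface Ethernet0/0
 nameif outside
 security-level 0
 no shutdown
!
interface Ethernet0/1
 nameif inside
 security-level 100
 no shutdown
!
! Select which traffic is handed to the AIP-SSM for inspection.
access-list IPS_TRAFFIC extended permit ip any any
!
class-map IPS_CLASS
 match access-list IPS_TRAFFIC
!
! promiscuous: the module inspects a copy of each packet and only alerts,
!              it does not sit in the forwarding path (IDS behaviour).
! fail-open:   traffic keeps flowing through the ASA if the module is down.
policy-map global_policy
 class IPS_CLASS
  ips promiscuous fail-open
!
service-policy global_policy global
```

Even in promiscuous mode the module only sees packets that cross the ASA's data interfaces; its own external Ethernet port stays a management interface, as the reply states.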