[c-nsp] ASA/AIP-SSM-10 to replace a IDS-42xx
Fred Reimer
freimer at ctiusa.com
Fri Oct 19 11:39:42 EDT 2007
You can put the ASA in transparent mode so that you don't have to
"route" through it, but the traffic does have to pass through the
device. The external Ethernet interface on the AIP is strictly
for management only...
Fred Reimer, CISSP
Senior Network Engineer
Coleman Technologies, Inc.
954-298-1697
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
jcovini at free.fr
Sent: Friday, October 19, 2007 11:16 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] ASA/AIP-SSM-10 to replace a IDS-42xx
Hi,
Is it possible to use an ASA with a AIP-SSM-10 like a "simple"
IDS sensor ? Idea
is to span a vlan on a switchport, then connect and use the
physical GE
interface featured on the AIP-SSM-10 module to sniff traffic and
report alerts.
No IPS functionnality is needed.
Is such a way of using AIP-SSM sensor possible ? Or, do I have to
filter the
traffic thru the underlying ASA appliance absolutely ?
Basically, I don't want to add a routing/firewall instance on my
network. Just a
transparent IDS.
-jc
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5188 bytes
Desc: not available
Url : https://puck.nether.net/pipermail/cisco-nsp/attachments/20071019/4006ed01/attachment.bin
More information about the cisco-nsp
mailing list