Cisco Ios Ips Deployment Strategies

As discussed earlier in this chapter, the primary advantage with the Cisco IOS IPS is that it is an integrated solution that leverages existing Cisco router infrastructure to mitigate both internal and external attacks on the network with its inline capabilities.

The Cisco IOS IPS features complement Cisco IOS Firewall and virtual private network (VPN) solutions for threat protection at all entry points into the network. The Cisco IOS IPS is the perfect solution for network segments that do not require, or might not support, the use of appliance-based IPS solutions.

Although Cisco IOS IPS is ideal for any size network, several strategies are best supported by the deployment of the Cisco IOS IPS:

• Branch offices Small to medium-size branch and home offices that act as an extension of an enterprise could benefit from an integrated, cost-effective router with integrated security.

• Telecommuter sites Corporate employees who connect to their company networks via VPNs using an Internet service provider (ISP). Typically, there is little to no physical security at the remote location. An integrated VPN, IPS, and firewall security solution could provide a safe and flexible solution.

Figure 13-2 depicts a typical configuration of network connectivity between a headquarters, branch offices, and telecommuters.

0 0

Post a comment