Table of Contents
Advertisement
Chapter 1
Introducing the Sensor
Appliances
Figure 1-1
Major Types of Network Connections
1
3
2
4
In location one, the appliance is placed to monitor traffic between the
E-commerce (protected) network and the Internet. This is referred to as perimeter
protection and is the most common deployment for an appliance. This location
can be shared with firewall protection and is discussed in
Placing an Appliance on
Your Network, page
1-6.
In location two, the appliance is monitoring an extranet connection with a
business partner. Although most companies have defined policies on the use and
security of this type of connection, there is no guarantee that the network of a
partner is adequately protected. Consequently, an outsider may enter your
network through this type of connection. These extranet connections may have
firewalls as well.
In location three, the appliance is monitoring the network side of a remote access
server. Although this connection may be only for employee use, it could be
vulnerable to external attack.
In location four, the appliance is monitoring an intranet connection. For example,
the protected network of one department may contain an e-commerce site where
all the access types described so far are required. The network of another
department may contain company-specific research and development or other
engineering information and should be given additional protection.
Cisco Intrusion Detection System Appliance and Module Installation and Configuration Guide Version 4.1
1-5
78-15597-02
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor and is the answer not in the manual?
Questions and answers