Is Cisco Pix enough to serve as IDS device??

Cooky

Golden Member
Apr 2, 2002
1,408
0
76
We plan on upgrading our colo connection to 100Mbps burstable. Basically we'll get charged for the usage and we'd like to make sure the connection won't be abused, otherwise we'll get billed thousands of $$$.

All the colo has are our webservers and media storage. Most traffic consists of file downloads and web/media connections.

Do you guys think the built-in IDS feature of the Pix is enough for the task?? We're trying to accomplish it w/o having to buy additional appliances.

 

Cooky

Golden Member
Apr 2, 2002
1,408
0
76
That's what I was afraid of...but to get a dedicated Cisco IPS box it costs more than we're willing to spend for a colo location.
Do you have any suggestions or recommendations?
 

Cooky

Golden Member
Apr 2, 2002
1,408
0
76
Thank you for all the feedbacks.
Have you had good experience w/ anything other than IPS or Snort??? We'd like to use an appliance rather than a machine...w/ fairly midrange price.
Currently we have a Watchguard Firebox but we don't like it that much and will change it to Pix and/or some other IDS appliance. I've heard good things about Astaro but I think we'll have to pay premium for that too...

 

dphantom

Diamond Member
Jan 14, 2005
4,763
327
126
You also might want to consider the ASA 5500 series from Cisco. It does have IPS (not IDS) built in, anti-virus and from what I understand may be a future replacement for the PIX platform though I would hate to see PIX go away. I really like my dual 525's.
 

azev

Golden Member
Jan 27, 2001
1,003
0
76
dont know what is your moderate pricing, but check out tippingpoint.com I heard alot of good stuff about them.