Using a Router, PIX, or IDSM as a Sensor

Both a router and a PIX Firewall can act as a sensor. However, these capabilities are somewhat limited compared with the functionality of a standalone appliance sensor. The primary limitation in using a router or a PIX as a sensor is the number of signatures that each of them deploys in software (59 and 57, respectively). Also, the sensor implementation on a router or a PIX cannot shun an attacker; apart from alarming, the only attack response mechanisms implemented are drop and reset. Another drawback of using the PIX or a router as a sensor device is throughput. The primary reason for the impact on throughput is that the router and the PIX do inline intrusion detection, meaning that they inspect ...
