Absolutely. Inline interface pairs.
Regards,
Jay McMickle CCIEx2 #35355 (R/S,Sec)
Sent from my iPhone
On May 7, 2013, at 12:06 PM, Johnny Morris <johnnymorris01_at_gmail.com> wrote:
> Hello,
>
> I have an 4270 IPS that hangs off of the 6500 core switch along with a pair
> of Virtual firewall that hang off the core switch as well, in which each
> customer has its own context FW. We have several customer VLANs off the
> 6500 which are part of the inside interface of the VFW's. We have a SPAN
> setup for the source as the inside VLANs going to destination interface of
> the 4270. Within the IPS we have VLAN pairs setup to receive the traffic on
> the VLANs and it is working fine. Also we have a virtual sensor setup for
> customer vlan traffic.
>
> We are working on upgrading the IPS software and signatures so that it is
> up to date and removing the SPAN temp until we have it up to date. As of
> now there is only 1 interface from the IPS to the core switch. Are there
> any capabilities to port-channel the IPS to the core to increase load
> capacity? Right now checking interface i see about 350 Mbps being sent
> output to the IPS from the core, With more customers we add in the future I
> would like to port-channel if capable.
>
> Sorry, I am a routing/switching guy and just getting forced into security :
> )
>
> Any recommendations to get me to the right place is much appreciated.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue May 07 2013 - 12:25:00 ART
This archive was generated by hypermail 2.2.0 : Mon Jun 03 2013 - 06:34:34 ART