Hi,
I'm looking to introduce IDS to our site using one of our 2 425's. The other 425 would perhaps perform the same function at a different site, depending on the answer to this question.
To implement IDS, does the Astaro have to be in-line with the data flow, i.e. have an incoming port which is scanned using IDS and then an outbound port for the data to continue (active), or can we use the Astaro in passive mode whereby we patch a SPAN or mirror port into one of the interfaces and have the ASG just inspect the traffic without interfering with the normal flow of data?
If the answer is that we need to run it in active mode, then we will have to use both 425's at our primary site in cluster mode in case of failure.
Thanks
Freudy
This thread was automatically locked due to age.
