What is an advantage of placing an IPS on the inside of a network?
A . It can provide higher throughput.
B . It receives traffic that has already been filtered.
C . It receives every inbound packet.
D . It can provide greater security.
Answer: B
Explanation:
Firewalls are generally designed to be on the network perimeter and can handle dropping a lot of the non- legitimate traffic (attacks, scans etc.) very quickly at the ingress interface, often in hardware.
An IDS/IPS is, generally speaking, doing more deep packet inspections and that is a much more computationally expensive undertaking. For that reason, we prefer to filter what gets to it with the firewall line of defense before engaging the IDS/IPS to analyze the traffic flow. In an even more protected environment, we would also put a first line of defense in ACLs on an edge router between the firewall and the public network(s).
Source: https://supportforums.cisco.com/discussion/12428821/correct-placement-idsips-networkarchitecture
Leave a Reply