Cisco Cisco IPS 4345 Sensor Informationshandbuch
© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 2 of 3
Network Solution
Barnhart chose Cisco
®
ASA 5500-X Series devices with Intrusion Prevention System (IPS) modules. Specifically,
the company placed two 5525-X devices at its Memphis headquarters and another at its disaster-recovery site near
Knoxville, TN.
The two units in Memphis give Barnhart full active-standby capability, helpi
ng ensure that the company’s network
had firewall and intrusion prevention protection even if one of the devices needed to be serviced. The active-
standby configuration also allows the IT staff to perform routine maintenance, and even handle most unforeseen
events, without working overtime.
The Cisco ASA 5525-
X bolsters the efficiency and security of Barnhart’s network by permitting it to be easily
segmented. Shinall has configured the units with segments for the Internet, Barnhart’s DMZ, and employee VPN
connections. This segmentation enables the IT group to set different access policies for different devices and
services on the network.
A network service provider manages a Multiprotocol Label Switching (MPLS) network that connects 14 of
Barnhart’s sites; that service provider also manages the Internet firewalls at its supported branches. The remaining
sites are managed by Barnhart’s own IT staff and are connected to the main office via VPN tunnels. For greater
Barnhart’s sites; that service provider also manages the Internet firewalls at its supported branches. The remaining
sites are managed by Barnhart’s own IT staff and are connected to the main office via VPN tunnels. For greater
efficiency, all the branches split traffic, so that Internet traffic goes directly to the requested website, while company
traffic uses the appropriate internal network.
Barnhart’s staff credits Cisco customer support as one of the deciding factors in expanding their network
infrastructure with a Cisco
security solution. “Every time I’ve called, it’s been outstanding customer service,” says
Shinall.
Business Results
The Cisco ASA 5525-
X with IPS is helping Barnhart’s IT staff block attacks and segment the network, providing
both better security and easier administration. It also enables employees to securely access Barnhart resources
from any of the company’s own remote sites, client sites, or wherever else they may be. With a Cisco solution in
place, Shinall says, “I feel very secure behind our ASA 5525-X active-standby pair.”
from any of the company’s own remote sites, client sites, or wherever else they may be. With a Cisco solution in
place, Shinall says, “I feel very secure behind our ASA 5525-X active-standby pair.”
The security solution at Barnhart’s headquarters integrates with branch equipment, some of which is managed by
Barnhart’s IT group and some by a network service provider. The switch to a Cisco firewall/IPS device has resulted
Barnhart’s IT group and some by a network service provider. The switch to a Cisco firewall/IPS device has resulted
in a
number of administrative benefits to Barnhart’s IT staff. Because the intrusion prevention system is integrated
into the firewall, they only have one device to manage, and the two functions are designed to work smoothly with
one another.
Also, Barnhart’s network infrastructure equipment already consisted mainly of Cisco products, including Cisco
switches and routers at the main office and the branch sites. As a result, IT personnel were able to come up to
speed quickly on the new device. The ASA 5525-X give
s Barnhart’s IT staff better visibility into their security
configuration, so that they can spot potential problems faster and more easily.