Cisco Cisco IPS 4255 Sensor White Paper
Technical Overview
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 6
IPS Deployments in Enterprise Data Centers
Introduction
Enterprises consolidate all their applications and servers into data centers. The services hosted by
the data center are crucial; the data center offers key functions for day-to-day business and e-
commerce transactions. The concentration of services, confidential information, and resources
make these centralized locations attractive for exploit. Attacks against these server farms can
result in losses in business and productivity, which enterprises cannot afford.
Overview
Business applications in the data center are typically built around a multitiered architecture.
Separating functions on different servers (and on different layers) allows for better performance,
better scalability, and a more secure design. The front-end layer typically hosts services that an
external client can access from outside the campus. The application and back-end layers run Web
and database services for the enterprise. The aggregation layer typically offers networking
services such as load balancing and SSL offloading.
Connectivity between these different layers is provided through access switches and routers
(Figure 1). The workflow and connectivity could be between servers, between client and server, or
even between the server and its storage elements. All these influence the choice of security
measures and products.