Configuring the WSM using Device Manager # Go back one pageGo to the next page#Go to this book's Index

How Intrusion Detection SLB works

The WSM forwards IP packets to an Intrusion Detection server at the end of the filtering process. If filtering is not enabled, the WSM can forward IP packets to an IDS at the end of client processing. You must enable IDS SLB on the port and allocate a real server group for IDS Server Load Balancing. The IDS SLB-enabled WSM copies all incoming packets to this group of Intrusion Detection servers. For each session entry created on the WSM, an IDS server is selected based on the IDS server load-balancing metric.

The IDS server receives copies of all processed frames forwarded to destination devices. Session entries are maintained so that all the frames of a given session are forwarded to the same IDS server. Each IDS server must be connected directly to a different WSM port or VLAN because no field in the packet header can be substituted. Substituting a field would corrupt the packet that must also be forwarded to its real destination.

The WSM supports the following metrics for IDS load balancing:


Go back one pageGo to the next page##Go to this book's Index