| Configuring the WSM using Device Manager |
The WSM forwards IP packets to an Intrusion Detection server at the end of the filtering process. If filtering is not enabled, the WSM can forward IP packets to an IDS at the end of client processing. You must enable IDS SLB on the port and allocate a real server group for IDS Server Load Balancing. The IDS SLB-enabled WSM copies all incoming packets to this group of Intrusion Detection servers. For each session entry created on the WSM, an IDS server is selected based on the IDS server load-balancing metric.
The IDS server receives copies of all processed frames forwarded to destination devices. Session entries are maintained so that all the frames of a given session are forwarded to the same IDS server. Each IDS server must be connected directly to a different WSM port or VLAN because no field in the packet header can be substituted. Substituting a field would corrupt the packet that must also be forwarded to its real destination.
The WSM supports the following metrics for IDS load balancing:
|
| Note: Leastconns, bandwidth, and response load balancing metrics do not apply to IDS SLB. |