tobisfr
Explorer
March 12, 2019
Question

IDS / IPS between internal VLANS


Hi,

is anyone here using IDS/IPS to secure internal LANs (VLANs), for example:


CLIENT VLAN to Server VLAN   = IDS Protect Server

CLIENT VLAN1 to Client VLAN2 = IDS Protect Client


I would like to hear some experience on whether it works well and makes sense.

We are routing our internal VLANs with the Fortigate.


Regards

Tobi


    Markus
    New Member
    April 3, 2019

    Hi, that's a good question. We do IDP/IDS between the Client and Server VLAN. I think it depends on your environment. We have an open policy: all notebooks can also be used at home, and any user is able to install stuff. That's why I have enabled IDS and AV between the VLANs. I'm wondering what the community thinks, does it make sense? Best

    tobisfr (Author)
    Explorer
    November 11, 2019
    Such a long time ago and still the same question? How do you use IDS/IPS correctly to secure communication in the internal network?
    ede_pfau
    SuperUser
    November 12, 2019

    'correct' is a strong word. No two networks are identical.


    Only one thing to ponder:

    if you apply IPS to client traffic, load on the FGT will increase, sometimes substantially. But it's effective nonetheless - these days I cut off a client machine using bad, bad proxying (trying to circumvent the firewall??) by applying my default 'no proxy' IPS settings, just to discover my client had installed a company proxy server without communicating this.

    Segmenting the LAN in VLANs for functional groups (like servers) is a good practice. Securing the server VLAN may just be enough for many installations.
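A FortiOS CLI configuration for the "CLIENT VLAN to Server VLAN = IDS Protect Server" case from the question, added here as an example and not taken from any post in this thread; the interface names VLAN_CLIENTS and VLAN_SERVERS and the sensor name ids_protect_server are assumed. The sensor is filtered to server-side signatures of medium severity and up, which addresses the load concern raised above.

```fortios
# Added example, not from the thread. Assumed object names:
# interfaces VLAN_CLIENTS / VLAN_SERVERS, sensor ids_protect_server.

# IPS sensor for traffic entering the server VLAN. Filtering on
# location=server and severity>=medium keeps the signature set, and
# therefore the FortiGate's inspection load, smaller than "all".
config ips sensor
    edit "ids_protect_server"
        set comment "Client VLAN -> Server VLAN (IDS Protect Server)"
        config entries
            edit 1
                set location server
                set severity medium high critical
                set status default
                set action default
                set log enable
                # Optional: isolate the offending client for 30 minutes,
                # the same effect ede_pfau describes above.
                set quarantine attacker
                set quarantine-expiry 30m
            next
        end
    next
end

# Inter-VLAN policy. utm-status must be enabled for the sensor (and the
# AV profile Markus mentions) to be applied; logtraffic all gives the
# SOC the per-session records needed to tune false positives.
config firewall policy
    edit 0
        set name "clients-to-servers"
        set srcintf "VLAN_CLIENTS"
        set dstintf "VLAN_SERVERS"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set utm-status enable
        set ssl-ssh-profile "certificate-inspection"
        set ips-sensor "ids_protect_server"
        set av-profile "default"
        set logtraffic all
    next
end
```

For the "CLIENT VLAN1 to Client VLAN2" case, the same structure applies with a second sensor using `set location client` and a policy between the two client VLAN interfaces.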