Yes I agree that most of the product supports VLAN dot 1Q but important thing is if they can do so in IPS mode specially when the IPS is configured in Layer 2 mode or transparent mode. I know of Juniper ISG platform not supporting VLAN in layer 2 or transparent mode. VLAN and NAT supported only on Layer 3 mode of juniper ISG platform.
However other products like Fortigate, Proventia, iPolicy Intrusion Prevention firewall and many other products do support VLAN (dot 1Q) with IPS in Layer 2 . Good thing about iPolicy Intrusion prevention firewall is that it supports NAT as well in Layer2 while Juniper cant. U want to be absolutely sure of all the details when u are talking to any vendor regarding these kind of features. Regards, Vijay Upadhyaya ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
