Cisco IDS Sensor Modules

Previous page
Table of content
Next page
[ LiB ]  

Along with the 4200 series appliances, Cisco has created module-based sensors. These sensor modules allow you to add full sensor capability to your existing equipment, such as routers or switches.

NM-CIDS Module

The NM-CIDS enables you to integrate 45Mbps of full IDS functionality into a Cisco router. This module is supported on Cisco 2600, 3600, and 3700 series routers. NM-CIDS has an internal 10/100 sensing interface that connects straight to the router's backplane. This sensor module also has one external 10/100BASE-TX interface, used for command and control.

Here are the standard NM-CIDS highlights:

  • 45Mbps sensing performance

  • One 10/100BASE-TX internal sensing interface

  • One 10/100/BASE-TX external control interface

The module provides TCP reset, blocking, or shunning capabilities to the host router or to other managed devices, just as a full appliance would. Figure 6.8 displays a picture of the back-panel view of this module.

Figure 6.8. NM-CIDS panel.

graphics/06fig08.gif


Table 6.5 lists and describes the NM-CIDS interfaces.

Table 6.5. NM-CIDS Interfaces

Interface

Description

int0

Internal interface on the back plane inside the router and can't been seen.

int1

Command and control (management) interface on the back panel and shown in Figure 6.8.


graphics/alert_icon.gif

The NM-CIDS does not support sending Simple Network Management Protocol (SNMP) traps or syslog error messages.


IDSM2 Module

The IDSM2 is an IDS sensor module that integrates with the Cisco Catalyst 6500 Series Switches. The module provides transparent operation via a passive operation that inspects only copies of packets and doesn't hinder performance of the switch itself. The IDSM2 can use Switched Port Analyzer (SPAN), Remote SPAN (RSPAN), or Virtual LAN access control lists (VACLs) to monitor traffic. Table 6.6 lists and describes the important IDSM2 interfaces.

graphics/note_icon.gif

The IDSM2 is covered in more detail in Chapter 7, "Cisco IDS Navigation and General Configuration Using the Command-Line Interface."


Here are the standard IDSM2 highlights:

  • Performance 600Mbps sensing performance

  • Dual 1.13GHz processors

  • Form factor 1 slot and RU

Table 6.6. IDSM2 Interfaces

Interface

Description

Port 1

TCP resets, internal interface on the back plane

Port 2

Command and control (management) interface, internal interface on the back plane

Port 7

Sensing interface, internal interface on the back plane

Port 8

Sensing interface, internal interface on the back plane


graphics/note_icon.gif

You can use the IDSM2 in any slot number above 1 in the Catalyst 6500 series switches.


graphics/alert_icon.gif

The IDSM2 can have only two SPAN sessions but unlimited VACLs. However, a Policy Feature Card (PFC) is required to support VACLs.


[ LiB ]  

Previous page
Table of content
Next page
CSIDS Exam Cram 2 (Exam 642-531)
CSIDS Exam Cram 2 (Exam 642-531)
ISBN: N/A
EAN: N/A
Year: 2004
Pages: 213
BUY ON AMAZON
Beginners Guide to DarkBASIC Game Programming (Premier Press Game Development)
VBScript Programmers Reference
The Complete Cisco VPN Configuration Guide
Cisco CallManager Fundamentals (2nd Edition)
AutoCAD 2005 and AutoCAD LT 2005. No Experience Required
Comparing, Designing, and Deploying VPNs
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy