Installation Guide
Page 3
... Documentation and Submitting a Service Request xvii Introducing the Sensor 1-1 How the Sensor Functions 1-1 Capturing Network Traffic 1-1 Your Network Topology 1-3 Correctly Deploying the Sensor 1-3 Tuning the IPS 1-3 Sensor Interfaces 1-4 Understanding Sensor Interfaces 1-4 Command and Control Interface 1-5 Sensing Interfaces ...1-15 Deploying VLAN Groups 1-16 Supported Sensors 1-17 IPS Appliances 1-18 Introducing the IPS Appliance 1-18 Appliance Restrictions 1-19 Connecting an Appliance to a Terminal Server 1-19 Cisco Intrusion Prevention System Appliance and Module Installation Guide for...
... Documentation and Submitting a Service Request xvii Introducing the Sensor 1-1 How the Sensor Functions 1-1 Capturing Network Traffic 1-1 Your Network Topology 1-3 Correctly Deploying the Sensor 1-3 Tuning the IPS 1-3 Sensor Interfaces 1-4 Understanding Sensor Interfaces 1-4 Command and Control Interface 1-5 Sensing Interfaces ...1-15 Deploying VLAN Groups 1-16 Supported Sensors 1-17 IPS Appliances 1-18 Introducing the IPS Appliance 1-18 Appliance Restrictions 1-19 Connecting an Appliance to a Terminal Server 1-19 Cisco Intrusion Prevention System Appliance and Module Installation Guide for...
Installation Guide
Page 13
... installatie van de apparatuur moet worden voldaan aan de lokale en nationale elektriciteitsvoorschriften. OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for experienced network security administrators who install and maintain Cisco IPS sensors, including the supported IPS appliances and modules. Preface Revised: April 4, 2012, OL-18504-01 Contents This guide describes how to install...
... installatie van de apparatuur moet worden voldaan aan de lokale en nationale elektriciteitsvoorschriften. OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for experienced network security administrators who install and maintain Cisco IPS sensors, including the supported IPS appliances and modules. Preface Revised: April 4, 2012, OL-18504-01 Contents This guide describes how to install...
Installation Guide
Page 15
... go to install the IPS 4240 and the IPS 4255. OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS hardware and software. Describes how to get the latest IPS software and describes the naming conventions. Describes how to upgrade sensors and reimage the various sensors. Describes how to install the AIM IPS. Describes how to install...
... go to install the IPS 4240 and the IPS 4255. OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS hardware and software. Describes how to get the latest IPS software and describes the naming conventions. Describes how to upgrade sensors and reimage the various sensors. Describes how to install the AIM IPS. Describes how to install...
Installation Guide
Page 17
OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at...
OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at...
Installation Guide
Page 19
... model numbers, see Supported Sensors, page 1-17. OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0 1-1 Figure 1-1 on page 1-2 shows how you install the sensor. For a complete list of sensors operating in either promiscuous or inline mode. In this guide, the term sensor refers to protect your network. Introducing the Sensor CH A P T E R 1 This chapter introduces...
... model numbers, see Supported Sensors, page 1-17. OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0 1-1 Figure 1-1 on page 1-2 shows how you install the sensor. For a complete list of sensors operating in either promiscuous or inline mode. In this guide, the term sensor refers to protect your network. Introducing the Sensor CH A P T E R 1 This chapter introduces...
Installation Guide
Page 20
...-based service. Additionally, TCP resets are enabled by default on switches, routers, and firewalls that the sensor manages. SSH and TLS/SSL are not guaranteed to protect the manager workstation. Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0 1-2 OL-18504-01 Because this interface is taken. If selected as an action on non...
...-based service. Additionally, TCP resets are enabled by default on switches, routers, and firewalls that the sensor manages. SSH and TLS/SSL are not guaranteed to protect the manager workstation. Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0 1-2 OL-18504-01 Because this interface is taken. If selected as an action on non...
Installation Guide
Page 35
...-SSM-AIP-20-K9 - Supported Sensors Caution Installing the most recent software on unsupported platforms. Table 1-4 lists the sensors (IPS appliances and modules) that are not supported in this document: • NRS-2E • NRS-2E-DM • NRS-2FE • NRS-2FE-DM • NRS-TR OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation...
...-SSM-AIP-20-K9 - Supported Sensors Caution Installing the most recent software on unsupported platforms. Table 1-4 lists the sensors (IPS appliances and modules) that are not supported in this document: • NRS-2E • NRS-2E-DM • NRS-2FE • NRS-2FE-DM • NRS-TR OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation...
Installation Guide
Page 36
..., network viruses, and application abuse. 1-18 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0 OL-18504-01 You can configure the appliance to respond to a Terminal Server, page 1-19 Introducing the IPS Appliance The IPS appliance is a component of the IPS, a network-based, real-time intrusion prevention system. The appliance offer significant protection to your network by helping to the...
..., network viruses, and application abuse. 1-18 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0 OL-18504-01 You can configure the appliance to respond to a Terminal Server, page 1-19 Introducing the IPS Appliance The IPS appliance is a component of the IPS, a network-based, real-time intrusion prevention system. The appliance offer significant protection to your network by helping to the...
Installation Guide
Page 37
... signature library. Appliances are optimized for IPS 7.0 1-19 Chapter 1 Introducing the Sensor IPS Appliances After being installed at key points in the network, the appliance monitors and performs real-time analysis of network traffic by looking for Cisco Intrusion Prevention System 7.0. • For a list of supported appliances, see Supported Sensors, page 1-17. • For a description of each IPS appliance, see the following...
... signature library. Appliances are optimized for IPS 7.0 1-19 Chapter 1 Introducing the Sensor IPS Appliances After being installed at key points in the network, the appliance monitors and performs real-time analysis of network traffic by looking for Cisco Intrusion Prevention System 7.0. • For a list of supported appliances, see Supported Sensors, page 1-17. • For a description of each IPS appliance, see the following...
Installation Guide
Page 47
...32. For More Information • For ESD guidelines, see Electrical Safety Guidelines, page 1-31. • For the procedure for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor. New events might have the incorrect time because they are stamped with daylight saving time enabled and the local time is 8:04 p.m.,... -5 hours (01:04:37 UTC, the next day). Before proceeding with the IPS and related documentation and where to find it requires that pertains to 9:00 a.m. For example, if during the original sensor setup, you discover the error: the clock shows 21:00:23 CDT. To...
...32. For More Information • For ESD guidelines, see Electrical Safety Guidelines, page 1-31. • For the procedure for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor. New events might have the incorrect time because they are stamped with daylight saving time enabled and the local time is 8:04 p.m.,... -5 hours (01:04:37 UTC, the next day). Before proceeding with the IPS and related documentation and where to find it requires that pertains to 9:00 a.m. For example, if during the original sensor setup, you discover the error: the clock shows 21:00:23 CDT. To...
Installation Guide
Page 49
...equipped with DC-input power supplies must be incorporated into the facility wiring. OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor. Chapter 1 Introducing the Sensor Site and Safety Guidelines Electrical Safety Guidelines Warning Before working on a chassis or working on ...-off the power. • Do not work alone if potentially hazardous conditions exist anywhere in Regulatory Compliance and Safety Information for IPS 7.0 1-31 Disconnect power from a circuit;
...equipped with DC-input power supplies must be incorporated into the facility wiring. OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor. Chapter 1 Introducing the Sensor Site and Safety Guidelines Electrical Safety Guidelines Warning Before working on a chassis or working on ...-off the power. • Do not work alone if potentially hazardous conditions exist anywhere in Regulatory Compliance and Safety Information for IPS 7.0 1-31 Disconnect power from a circuit;
Installation Guide
Page 61
... warnings in Regulatory Compliance and Safety Information for IPS 7.0 2-7 OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor. Chapter 2 Installing the IPS 4240 and the IPS 4255 Installing the IPS 4240 and the IPS 4255 Step 2 Use the supplied screws to attach the appliance to install, replace, or service this equipment. PWR...
... warnings in Regulatory Compliance and Safety Information for IPS 7.0 2-7 OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor. Chapter 2 Installing the IPS 4240 and the IPS 4255 Installing the IPS 4240 and the IPS 4255 Step 2 Use the supplied screws to attach the appliance to install, replace, or service this equipment. PWR...
Installation Guide
Page 64
...: - Statement 1030 2-10 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0 OL-18504-01 Configuring the Cisco Intrusion Prevention System Sensor Using the Command Line Interface 7.0 Installing the IPS 4240-DC The the IPS 4240-DC-K9 (NEBS-compliant) model equipped with...only. Installing the IPS 4240-DC Chapter 2 Installing the IPS 4240 and the IPS 4255 For More Information • DC power guidelines are listed in Regulatory Compliance and Safety Information for the Cisco Intrusion Detection and Prevention System 4200 Series Appliance Sensor. • ...
...: - Statement 1030 2-10 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0 OL-18504-01 Configuring the Cisco Intrusion Prevention System Sensor Using the Command Line Interface 7.0 Installing the IPS 4240-DC The the IPS 4240-DC-K9 (NEBS-compliant) model equipped with...only. Installing the IPS 4240-DC Chapter 2 Installing the IPS 4240 and the IPS 4255 For More Information • DC power guidelines are listed in Regulatory Compliance and Safety Information for the Cisco Intrusion Detection and Prevention System 4200 Series Appliance Sensor. • ...
Installation Guide
Page 67
... Express 7.0 - Installing and Using Cisco Intrusion Prevention System Device Manager 7.0 - Chapter 2 Installing the IPS 4240 and the IPS 4255 Installing the IPS 4240-DC Note The DC return connection to this system is to the ON position. You are listed in Regulatory Compliance and Safety Information for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor. • For more information...
... Express 7.0 - Installing and Using Cisco Intrusion Prevention System Device Manager 7.0 - Chapter 2 Installing the IPS 4240 and the IPS 4255 Installing the IPS 4240-DC Note The DC return connection to this system is to the ON position. You are listed in Regulatory Compliance and Safety Information for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor. • For more information...
Installation Guide
Page 74
... POWER FLASH STATUS Cisco IPS 4260 series Intrusion Prevention Sensor 153095 ID There are configured to completely avoid link status changes and drops. Front and Back Panel Features Chapter 3 Installing the IPS 4260 Hardware Bypass and Link Changes and Drops Properly configuring and deploying hardware bypass protects against complete link failure if the IPS appliance experiences a power loss...
... POWER FLASH STATUS Cisco IPS 4260 series Intrusion Prevention Sensor 153095 ID There are configured to completely avoid link status changes and drops. Front and Back Panel Features Chapter 3 Installing the IPS 4260 Hardware Bypass and Link Changes and Drops Properly configuring and deploying hardware bypass protects against complete link failure if the IPS appliance experiences a power loss...
Installation Guide
Page 83
... and qualified personnel should be allowed to install, replace, or service this equipment. OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor. Chapter 3 Installing the IPS 4260 Installing the IPS 4260 Step 5 Install four 8-32x7/16" SEMS screws through the clearance slots in Regulatory Compliance and...
... and qualified personnel should be allowed to install, replace, or service this equipment. OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor. Chapter 3 Installing the IPS 4260 Installing the IPS 4260 Step 5 Install four 8-32x7/16" SEMS screws through the clearance slots in Regulatory Compliance and...
Installation Guide
Page 87
... Cisco warranty. The chassis cover protects the internal components, prevents electrical shorts, and provides proper air flow for IPS 7.0 3-19 Upgrading the IPS 4260 does not require any special tools and does not create any radio frequency leaks. Step 3 Step 4 Step 5 Step 6 Step 7 Power off : sensor# reset powerdown Wait for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor...
... Cisco warranty. The chassis cover protects the internal components, prevents electrical shorts, and provides proper air flow for IPS 7.0 3-19 Upgrading the IPS 4260 does not require any special tools and does not create any radio frequency leaks. Step 3 Step 4 Step 5 Step 6 Step 7 Power off : sensor# reset powerdown Wait for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor...
Installation Guide
Page 99
...appliance is rebooted; Figure 4-5 IPS 4270-20 Front View Switches/Indicators 1 2 3 4 5 6 7 8 Cisco IPS 4270 SERIES Intrusion Prevention Sensor UID SYSTEPMWR SMTGAMTUTMS0GMT 1 250082 OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for all connections. • Make sure the interfaces of the connected devices are configured to match the interfaces of the IPS...Changes and Drops Properly configuring and deploying hardware bypass protects against complete link failure if the IPS appliance experiences a power loss, critical hardware failure, or...
...appliance is rebooted; Figure 4-5 IPS 4270-20 Front View Switches/Indicators 1 2 3 4 5 6 7 8 Cisco IPS 4270 SERIES Intrusion Prevention Sensor UID SYSTEPMWR SMTGAMTUTMS0GMT 1 250082 OL-18504-01 Cisco Intrusion Prevention System Appliance and Module Installation Guide for all connections. • Make sure the interfaces of the connected devices are configured to match the interfaces of the IPS...Changes and Drops Properly configuring and deploying hardware bypass protects against complete link failure if the IPS appliance experiences a power loss, critical hardware failure, or...
Installation Guide
Page 107
...-hole racks. Chapter 4 Installing the IPS 4270-20 Accessories Accessories The IPS 4270-20 accessories kit contains the following: • DB-9 connector • DB-9/RJ-45 console cable • Two Ethernet RJ-45 cables • Regulatory Compliance and Safety Information for the Cisco Intrusion Detection and Prevention System 4200 Series Appliance Sensor • Documentation Roadmap for...
...-hole racks. Chapter 4 Installing the IPS 4270-20 Accessories Accessories The IPS 4270-20 accessories kit contains the following: • DB-9 connector • DB-9/RJ-45 console cable • Two Ethernet RJ-45 cables • Regulatory Compliance and Safety Information for the Cisco Intrusion Detection and Prevention System 4200 Series Appliance Sensor • Documentation Roadmap for...
Installation Guide
Page 127
...safety warnings that you work on any equipment, be aware of a 180/rollover cable with standard practices for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor. Note Use the console port to connect to a computer to install, replace, or service this device. Connect ...by reading the safety warnings in Regulatory Compliance and Safety Information for preventing accidents. You are rack mounting it. Install the IPS 4270-20 in Step 4 so that accompanied this equipment. Warning IMPORTANT SAFETY INSTRUCTIONS This warning symbol means danger. Statement ...
...safety warnings that you work on any equipment, be aware of a 180/rollover cable with standard practices for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor. Note Use the console port to connect to a computer to install, replace, or service this device. Connect ...by reading the safety warnings in Regulatory Compliance and Safety Information for preventing accidents. You are rack mounting it. Install the IPS 4270-20 in Step 4 so that accompanied this equipment. Warning IMPORTANT SAFETY INSTRUCTIONS This warning symbol means danger. Statement ...