I have just bought an IDS 4210 from Germany. The unit has just turned up but it looks like it has no software on it at all. The only thing I get is please insert boot diskett. There is no communication from the comms port I have to plug in a monitor and keyboard to get anything from the IDS.
Can someone help me resolve this as I have no Idea how to do this.
The first thing you want to do is look if the unit has 512 MB of RAM, if not, get some. 4.x and 5.x need that much to run. The second thing you need is a 4.x or 5.x image CD (or image on a fast TFTP Server). Now if you plan on loading 5.x you'll be looking to Cisco to buy a License for that serial number (or else you can't load signatures past Jan 06). If you load 4.x you'll be able to get fresh signatures (with a valid CCO account, of course) untill Sept 29th 2006.
Even with 5.x loaded, on a 4210 you still won't be able to do IPS packet dropping.
Since this is second hand purchased gear there is unlikely to be an existing service contract on the gear. (But who knows you might be lucky and maybe there is a service contract still in effect. You would have to contact the selling party to find out.)
To receive IPS Signature updates the sensor will need to be covered under a service contract.
So how do you get the sensor covered?
1) Get Cisco to inspect the hardware. Contact your Cisco Sales Representative for how to do this. The purchase numbers for the inspection generally start with part number "OSS-INSPECT-CAT".
Cisco won't sell a new Service Contract for hardware that has lapsed in service contract support until it has been inspected by Cisco.
2) Once inspected you will need to purchase "IPS-SW-K9-U" which is the upgrade CD. Put the CD into the sensor and power the sensor off/on. The CD will prompt for a few simple questions and then load the harddrive with a complete IPS image.
You should receive both a IPS 5.0 and an IPS 5.1 CD. You only need to use the IPS 5.1 CD to get the latest version.
NOTE: You may need to also order the Memory Upgrade for the IDS-4210 if it is not already installed before attempting to install IPS 5.0 or 5.1.
3) Puchase the service contract for your sensor.
4) Using your service contract request a license for your sensor so you can install signature updates.
5) Download and install the latest Service pack for either IPS 5.0 or IPS 5.1.
6) Download and install the latest Signature Update.
Your Cisco Sales Representative should be able to help in determining the exact part numbers for items 1-3 above. Items 4-6 are explained in the IPS documentation.
As for whether or not the IDS-4210 is capable of IPS InLine monitoring (dropping offending packets). The answer is YES.
There are 2 types of configuration for InLine monitoring.
The first was introduced in IPS 5.0 and entails pairing 2 interfaces together. This feature is not support on the IDS-4210 because it has only a single monitoring interface.
The secod was introduced in IPS 5.1 and entails pairing 2 vlans together on one interface (the sensor port is configured as a trunk port on the switch for 2 or more vlans, the 2 vlans are then paired together in the sensor's configuration). Since this feature only requires a single interface on the sensor it is supported on the IDS-4210.
With all of that said, you should also understand that the IDS-4210 is several years old.
The IDS-4210 was last sold back in 2003.
The End Of Sale/Life Notice also lists the last date to purchase a new support contract as being December 6, 2004.
So you may have difficulty in doing number 3 above.
Because of it's age the future support of the product is also very limited.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :