Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Upgrading IDS 4210 from 4.1 to 5.2

I received the S253 sig update notification yesterday and for the first time it appears the text indicates that I can upgrade my IDS 4210 to the 5.2 version needed to have continued sig support. What is the upgrade path? What do I need to order? Everytime I use the PUT it only shows me the upgrade package for my current 4.1 version. I think I would much rather upgrade my current sensor than spend $$$ on purchasing a whole new one. Thanks.


Re: Upgrading IDS 4210 from 4.1 to 5.2

Bad news. The 4210 is EOL:

If you do not have a current SU1 on this appliance, you will not be able to purchase a new one for the 4210.

It is, however, technically possible to run 5.x on the 4210 according to the release notes:

It will not perform well however. Also the latest IPS version is 5.1. There is not a version 5.2 yet.

HTH pls rate!

New Member

Re: Upgrading IDS 4210 from 4.1 to 5.2

Yeah, I understand that it is EOL. That is why I was stunned to see the verbiage that indicated it could be upgraded to the 5.1 version. I HAD an SU1. I don't know if it is current. It WAS current when they first announced 5.1 release. But, the PUT would never reflect the correct part order for the 5.1 upg. I tried to do it via phone one time and they (cisco) still sent me the 4.x version upg box. Oh well.

Cisco Employee

Re: Upgrading IDS 4210 from 4.1 to 5.2

When you get to 5.1.3, you will need to install a license to apply sigupdates. Here is the upgrade path:

- upgrade to 5.0.1

- upgrade to 5.1.1

- upgrade to 5.1.3

- install license

- upgrade to lastest sigupdate

NOTE: Due to the 4210's low mem (256 Meg), you may hit an issue upgrading to 5.0.1 where sensorApp runs out of memory building its internal tables. The symptoms are that you will get an AnalysisEngine busy message when attempting to upgrade from 5.0.1 to 5.1.1. If you have given the sensor a reasonable time to rebuild its tables after the upgrade to 5.0.1 (5 min to 30 min) then log into the service account and check to see if sensorApp is still running "ps -ef". If it is not, then you will need to run the recover command (from CLI, "recover app"). You will lose your signature config settings when you recover. Wait until after you upgrade to 5.1.3 to add the sig cfg settings back.

Cisco Employee

Re: Upgrading IDS 4210 from 4.1 to 5.2

Just to add a little more information.

The IDS-4210 has been End of Saled, but not yet End Of life.

The IDS-4210 IS capable of running IPS version 5.1 software and will continue to receive signature updates as long as IPS 5.1 signature updates continue to be created.

No date has yet been announced for when IPS 5.1 signature updates will stop, but I would expect no less that 18 months from now.

An IPS Service Contract and associated Signature Update License is required for installing signature updates in IPS 5.1.

If you already have an IPS Service Contract then you can upgrade to 5.1 and request the associated License for your sensor.

(NOTE: A Service Contract has always been required for the installation of signature updates, but was previously not enforced by software. It is now being enforced by the IPS 5.1 software through the use of the License received through the Service Contract)

As for memory requirements. The following is stated in the 5.0(1e) Readme file:

- 512 MB of RAM memory on the IDS-4210, IDS-4210-K9, and IDS-4210-NFR (NOTE: this upgrade is no longer available as the IDS-4210-MEM-U= part has been end-of-saled).

If you previously upgraded to 512MB then you are fine.

If not, you would need to open the IDS-4210 and determine what the memory part number is and attempt to purchase additional memory matching that part number from any vendor that you can find (does not have to have been specifically sold by Cisco, but should match the part number of the memory already in the system). The memory is longer being manufactured so Cisco was no longer able to sell that part.

You should NOT attempt to install 5.0 or 5.1 on a sensor running only 256MB of memory. The sensor will never run properly.

Specific upgrade files to use:




If you do not already have an IPS Service Contract for your sensor, then you need to contact your Cisco Sales Representative. The last day you could have purchased a new service contract for the IDS-4210 was back on December 6, 2004.

Yoru Cisco Sales Representative may be able to give you a discount on upgrading your IDS-4210 to a newer IDS-4215.

Cisco Employee

Re: Upgrading IDS 4210 from 4.1 to 5.2

Thanks, Marco. Yes, I meant 512 not 256 Meg in my previous response. The 5.1 sensorApp process itself will easily consume 256 Meg.

Cisco Employee

Re: Upgrading IDS 4210 from 4.1 to 5.2

Looking at one of ours in the lab, it appears that, generically, the memory is PC100, 256M, ECC, Unbuffered. There is room for 4 DIMMs, but if I recall correctly, the hardware is limited to 512MB. The OEM manf. of the sensor is Dell and it was sold by Dell as their PowerApp 100 Web. Dell no longer supports the hardware and Crucial has no solution for the PowerApp 100 Web either. Hopefully this information will let you locate some memory for the device.

CreatePlease to create content