Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
571
Views
0
Helpful
1
Replies

Does WS-X6381-IDS Compatible with WS-C6500-SFM adn Native IOS

Go to solution
x-guo
Level 1
Level 1

‎12-17-2002 05:38 PM - edited ‎03-09-2019 01:26 AM

I found some puzzled info in data sheet of WS-X6381-IDS :

Catalyst Switch Platform Requirements

Requires Catalyst Operating System Version 6.1(1) or higher (not supported in native Cisco IOS® software)

Policy feature card (PFC) required for VLAN ACL "capture" functionality

Compatible with both Supervisor 1A and Supervisor 2 engines

Not compatible with the crossbar switch fabric!!!

The data sheet is publish in Nov 2002. But I can config them toghter using "Cisco Configuration Tool", and I found Native IOS higher than 12.1(8a)EX already support this module.

Another question: Manged 6381, "Cisco Secure Policy Manager" OR "Cisco Secure Intrusion Detection Director" , which is better?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
marcabal
Cisco Employee
Cisco Employee

‎12-17-2002 09:11 PM

The data sheet you are referring to is incorrect, and needs to be updated.

The WS-X6381-IDS is supported in Native IOS version 12.1(8a)EX for Sup2/MSFC2 or later, and 12.1(11)E for Sup1a/MSFC2 if I remember correctly.

The word "compatible" when referenced with the SFM has caused some confusion. When Cisco says a card is crossbar switch fabric "compatible" it generally means that the card has the added hardware to connect it to the new crossbar fabric. The WS-X6381-IDS does not have the added hardware to connect to the new crossbar fabric.

There are several older Cisco cards that are not crossbar "compatible". Many of the 48 port 10/100 line cards that Cisco sells are not crossbar "compatible". All of these older cards are referred to as "classic" cards, meaning that they can only connect to the original "classic" backplane.

BUT these "classic" cards (of which the WS-X6381-IDS is included), can work in a switch using the SFM, and are fully supported by Cisco. So the WS-X6381-IDS is fully supported in a switch using the SFM

The SFM recognizes which cards are "compatible" and which are "classic". If all of the cards are "compatible" then it makes full use of the new crossbar fabric and can run the switch at the higher 256Gbps performance rates.

BUT if the SFM detects both "compatible" and "classic" cards then it runs the new crossbar fabric in what it is termed "truncated" mode. The SFM makes use of the new crossbar fabric as much as possible when sending packets to the "compatible" cards, but is still able to send packets on the original backplance to the "classic" cards when needed (like to the WS-X6381-IDS).

In this "truncated" mode the SFM can not run the switch at the fill 256 Gbps, because it still has to the use the original 32Gbps backplane when sending packets to the "classic" cards.

As for IDS Management Tools. Both the Cisco Secure Policy Manager and Cisco Secure Intrusion Detection Director for Unix are being replaced by the newest management tools in VMS 2.1.

VMS 2.1 is the VPN and Security Management Solution version 2.1. VMS 2.1 is a suite of different security management products for the different security devices Cisco produces (such as the Pix, the VPN Concentrator, and the Cisco IDS Sensors).

VMS 2.1 contains the Management Center for IDS (IDS MC) which is used for configuring the sensors, and the Monitoring Center for Security (Sec Mon) which is used for viewing the IDS alarms.

IDS MC, and Sec Mon are web based management tools.

The tools are installed on a Windows 2000 Server and can then be accessed by multiple users through standard web browsers on their desktops.

The VMS 2.1 is part of the Cisco Works collection of products.

VMS 2.1 was announced only about 2 months ago.

The IDS MC and Sec Mon in VMS 2.1 are the recommended IDS management tools going forward.

NOTE: The IDS MC and Sec Mon are orignally designed for Enterprise deployments. If you only have 3 or less sensors and do not want to spend the extra money for VMS 2.1 then you could use the IDM and IEV included with the sensor at no extra cost.

IDM (Intrusion Detection Device Manager) is a web browser based configuration tool that is installed on the sensor itself, and can be used to configure the single sensor.

IEV (Intrusion Detection Event Viewer) is a windows based program for alarm viewing, and can receive alarms from up to a maximum of 3 sensors.

IDM and IEV are not as feature rich as the IDS MC and Sec Mon, but IDM and IEV are included with the sensor at no extra cost.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
marcabal
Cisco Employee
Cisco Employee

‎12-17-2002 09:11 PM

The data sheet you are referring to is incorrect, and needs to be updated.

The WS-X6381-IDS is supported in Native IOS version 12.1(8a)EX for Sup2/MSFC2 or later, and 12.1(11)E for Sup1a/MSFC2 if I remember correctly.

The word "compatible" when referenced with the SFM has caused some confusion. When Cisco says a card is crossbar switch fabric "compatible" it generally means that the card has the added hardware to connect it to the new crossbar fabric. The WS-X6381-IDS does not have the added hardware to connect to the new crossbar fabric.

There are several older Cisco cards that are not crossbar "compatible". Many of the 48 port 10/100 line cards that Cisco sells are not crossbar "compatible". All of these older cards are referred to as "classic" cards, meaning that they can only connect to the original "classic" backplane.

BUT these "classic" cards (of which the WS-X6381-IDS is included), can work in a switch using the SFM, and are fully supported by Cisco. So the WS-X6381-IDS is fully supported in a switch using the SFM

The SFM recognizes which cards are "compatible" and which are "classic". If all of the cards are "compatible" then it makes full use of the new crossbar fabric and can run the switch at the higher 256Gbps performance rates.

BUT if the SFM detects both "compatible" and "classic" cards then it runs the new crossbar fabric in what it is termed "truncated" mode. The SFM makes use of the new crossbar fabric as much as possible when sending packets to the "compatible" cards, but is still able to send packets on the original backplance to the "classic" cards when needed (like to the WS-X6381-IDS).

In this "truncated" mode the SFM can not run the switch at the fill 256 Gbps, because it still has to the use the original 32Gbps backplane when sending packets to the "classic" cards.

As for IDS Management Tools. Both the Cisco Secure Policy Manager and Cisco Secure Intrusion Detection Director for Unix are being replaced by the newest management tools in VMS 2.1.

VMS 2.1 is the VPN and Security Management Solution version 2.1. VMS 2.1 is a suite of different security management products for the different security devices Cisco produces (such as the Pix, the VPN Concentrator, and the Cisco IDS Sensors).

VMS 2.1 contains the Management Center for IDS (IDS MC) which is used for configuring the sensors, and the Monitoring Center for Security (Sec Mon) which is used for viewing the IDS alarms.

IDS MC, and Sec Mon are web based management tools.

The tools are installed on a Windows 2000 Server and can then be accessed by multiple users through standard web browsers on their desktops.

The VMS 2.1 is part of the Cisco Works collection of products.

VMS 2.1 was announced only about 2 months ago.

The IDS MC and Sec Mon in VMS 2.1 are the recommended IDS management tools going forward.

NOTE: The IDS MC and Sec Mon are orignally designed for Enterprise deployments. If you only have 3 or less sensors and do not want to spend the extra money for VMS 2.1 then you could use the IDM and IEV included with the sensor at no extra cost.

IDM (Intrusion Detection Device Manager) is a web browser based configuration tool that is installed on the sensor itself, and can be used to configure the single sensor.

IEV (Intrusion Detection Event Viewer) is a windows based program for alarm viewing, and can receive alarms from up to a maximum of 3 sensors.

IDM and IEV are not as feature rich as the IDS MC and Sec Mon, but IDM and IEV are included with the sensor at no extra cost.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents