Guest

Cisco Services Modules

Cisco IDSM-2 Bundle with 2-Gbps Performance

  • Viewing Options

  • PDF (156.1 KB)
  • Feedback

The Cisco® Intrusion Detection System Services Module (IDSM-2) 2-Gbps bundle is an integrated network security solution that enables organizations to minimize risk, maximize business continuity, and scale to multigigabit environments while optimizing productivity.

Cisco intrusion detection and prevention (IDS/IPS) solutions enable organizations to protect their connected business assets from threats and increase their operating efficiency. As part of the Cisco Systems ® family of IDS/IPSsolutions, the Cisco IDSM-2 bundle provides protection for data network infrastructures that require multigigabit performance. Network threats continue to increase in complexity; as a result, an organization's security solution must provide effective network intrusion prevention while maintaining business continuity.

Figure 1. Cisco Catalyst 6500 Intrusion Detection Service Module-2 Bundle

The Cisco IDSM-2 bundle combines market-leading intrusion prevention and switching into a single system that provides up to 2 Gbps of intrusion prevention performance. The bundle includes the Cisco Catalyst ® 6506-E Switch chassis, the Cisco Catalyst 6500 Supervisor Engine 32, and four Cisco IDSM-2s.
With an installed base in the hundreds of thousands, the widely deployed Cisco Catalyst chassis is a logical platform for additional services such as firewall, VPN, and IDS/IPS. The Cisco IDSM-2 is a second-generation module for Cisco Catalyst chassis, providing unique benefits to customers seeking IDS/IPS attack protection. Cisco IPS Sensor Software Version 5.x delivers inline IPS capabilities to the Cisco IDSM-2.

Features and Benefits

Table 1 lists features of the Cisco IDSM-2 bundle.

Table 1. Cisco IDSM-2 Bundle Features

Features

Details

Multigigabit Scalability

The IDSM-2 bundle provides 2 Gbps of IPS performance using 4 IDSM-2s

Hot Swap Modules

IDSM-2 insertion/removal never affects the Cisco Catalyst switch

Cisco Catalyst Chassis Benefits

• Cisco EtherChannel ® load balancing
• Supervisor engine and power redundancy
• Port density
• Combining with other services modules to provide a scalable security solution

WAN Interoperability Support

FlexWAN support

Accurate Prevention Technologies

Advanced false positive reduction features provide confidence in data passed to the internal network by the user-adjustable Meta Event Generator and Risk Rating features

Multiple Capture Techniques

• Multiple techniques include SPAN/RSPAN; VLAN access control list (ACL) capture combined with shunning; TCP resets when in passive mode; and drop actions when used inline
• Allows customers to monitor various network segments and traffic while providing timely action to mitigate threats

VLAN ACL Capture

Cisco is the only vendor to provide an in-switch IDS/IPS solution supplying access to the data stream via VLAN ACL capture

Standardized Code Base

• Uses the same IPS code as the award-winning Cisco IPS 4200 Series appliances, allowing users to standardize on a single management technique
• Simplifies and speeds up installation, training, operation, and support

Optional anti-X Integrated Services

Partnership with Trend Micro augments Cisco's native detection and mitigation capabilities with the most complete anti-X updates for timely recognition and prevention of malware-based threats

Single Device Management Using CLI or Cisco IPS Device Manager (IDM)

• Module can be configured using the CLI, which is available locally or remotely via Telnet or Secure Shell (SSH)
• Cisco IDM is a Web-based tool for sensor configuration and management. It can be accessed through Internet Explorer, Netscape, or Mozilla, and is enabled by default to use Secure Sockets Layer (SSL).

Enterprise Management and Monitoring Tools

• Cisco IDS Event Viewer (IEV) provides event monitoring for up to five devices and provides a free monitoring tool for managing IPS events
• Cisco Security Manager and Cisco Security MARS provide world-class management and monitoring for sensor deployments of all sizes

Ordering Information

Table 2. Cisco IDSM-2 Bundle Part Numbers

Part Number

Description

WS-C6506E-IPSC-K9

Includes Cisco Catalyst 6506-E Switch, Supervisor Engine 32 with 8 x 1 Gigabit Ethernet Small Form-Factor Pluggable (SFP) plus 1 x 10/100/1000 uplink port, 8 copper SFP interfaces, 4 IDSM-2s, and 1 Power-Supply 3000W

WS-C6506E-IPSF-K9

Includes Cisco Catalyst 6506-E Switch, Supervisor Engine 32 with 8 x 1 Gigabit Ethernet SFP plus 1 x 10/100/1000 uplink port, 8 multimode fiber SFP interfaces, 4 IDSM-2s, and 1 Power-Supply 3000W

WS-C6506E-IPS10GK9

Includes Cisco Catalyst 6506-E Switch, Supervisor Engine 32 with 2 x 10 Gigabit Ethernet XENPAK plus 1 x 10/100/1000 uplink port, 2 short-range 10 Gigabit XENPAK interfaces, 4 IDSM-2s, and 1 Power-Supply 3000W

Table 3. Cisco IDSM-2 Service Part Numbers

Part Number

CON-SUxx-6506IPSC

CON-SUxx-6506IPSF

CON-SUxx-6506IPSG

Table 4. Service Key for "xx" in the Part Number

Description

Description

SU1 = 8x5xnext business day

SU2 = 8x5x4-hour service

SU3 = 7x24x4-hour service

SU4 = 7x24x2xnext business day

SU01 = 8x5x4-hour service onsite

SU02 = 8x5x4-hour service onsite

SU03 = 7x24x4-hour service onsite

SU04 = 7x24x2-hours service onsite

Current Code and Signature Revision

To download Cisco IPS Sensor Software Versions 5.x and higher, visit:

• Software Release: http://www.cisco.com/cgi-bin/tablebuild.pl/ips5

• Signature Release: http://www.cisco.com/cgi-bin/tablebuild.pl/ips5-sigup

Cisco Catalyst Supervisor Engine Hardware, Software Requirements, and Interoperability

There are numerous configuration options for the Cisco IDSM-2 bundle. For more information on supported configurations, visit http://www.cisco.com/appcontent/apollo/configureHomeGuest.html.

Table 5. Regulatory Compliance

Feature

Description

Emissions

FCC Part 15 (CFR 47) Class A, ICES-003 Class A, EN55022 Class A, CISPR22 Class A, AS/NZS 3548 Class A, VCCI Class A with UTP cables, EN55022 Class B, CISPR22 Class B, AS/NZS 3548 Class B, VCCI Class B with FTP cables

Safety

CE marking according to UL 1950, CSA 22.2 No. 950, EN 60950, IEC 60950, TS 001, AS/NZS 3260

Certifications

• NEBS Level 3 pending (with Cisco Catalyst 7600 Series)
• Common Criteria Level 2 certified

Export Restrictions

The Cisco IDSM-2 is classified as a "strong encryption" product and is export restricted. For more information, visit http://www.cisco.com/wwl/export/crypto/tool/.

Additional Information

For more information about Cisco Catalyst 6500 Series Switches, visit http://www.cisco.com/go/6000.
For more information about Cisco IPS solutions, visit http://www.cisco.com/go/ips/.
For more information about Cisco and Trend Micro, visit http://www.cisco.com/en/US/products/ps6542/index.html.
For more information on Cisco Security Manager, visit http://www.cisco.com/go/csmanager.
For more information on Cisco Security MARS, visit http://www.cisco.com/go/mars.

Service and Support

Cisco offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare the network for new applications to extend network intelligence and the power of your business. For more information about Cisco Services, see Cisco Technical Support Services or Cisco Advanced Services.