Guest

Cisco Network Modules

Cisco Intrusion Detection System Network Modules

  • Viewing Options

  • PDF (168.9 KB)
  • Feedback
Connecting Cisco Intrusion Detection System Network Modules to the Network

Table Of Contents

Connecting Cisco Intrusion Detection System Network Modules to the Network

Cisco IDS Network Modules

Connecting Cisco IDS Network Modules to the Network

Cisco IDS Network Module LEDs

Online Insertion and Removal with a Cisco IDS Network Module

Related Documents

Obtaining Documentation, Obtaining Support, and Security Guidelines


Connecting Cisco Intrusion Detection System Network Modules to the Network


Revised: May 1, 2008, OL-12826-01

This guide describes how to connect Cisco Intrusion Detection System (IDS) network modules to your network. It contains the following sections:

Cisco IDS Network Modules

Cisco IDS Network Module LEDs

Online Insertion and Removal with a Cisco IDS Network Module

Related Documents

Obtaining Documentation, Obtaining Support, and Security Guidelines

Cisco IDS Network Modules

This section provides information on the Cisco IDS network module (NM-CIDS-K9) (see Figure 1)


Caution To comply with the Telcordia GR-1089 NEBS standard for electromagnetic compatibility and safety, connect the Cisco IDS network module (NM-CIDS-K9) only to intrabuilding or nonexposed wiring or cabling. The intrabuilding cable must be shielded and the shield must be grounded at both ends.

Figure 1 Faceplate for the NM-CIDS-K9 Network Module

Connecting Cisco IDS Network Modules to the Network

To connect a Cisco IDS network module to the network, use a straight-through two-pair Category 5 unshielded twisted-pair (UTP) cable to connect the RJ-45 port on the Cisco IDS network module to a switch, hub, repeater, server, or other network device. (See Figure 2.)


Note RJ-45 cables are not available from Cisco Systems. These cables are widely available and must be Category 5 cables.



Caution To comply with the Telcordia GR-1089 NEBS standard for electromagnetic compatibility and safety, connect the Cisco IDS network module (NM-CIDS-K9) only to intrabuilding or nonexposed wiring or cabling. The intrabuilding cable must be shielded and the shield must be grounded at both ends.

Figure 2 Connecting a Cisco IDS Network Module to a Fast Ethernet Hub

Cisco IDS Network Module LEDs

All network modules have an enable (EN) LED. This LED indicates that the module has passed its self-tests and is available to the router.

All Cisco IDS network modules display an additional power (PWR) LED and a CompactFlash (CF) LED on the faceplate, and two additional LEDs for the Fast Ethernet port (see Figure 3).

Figure 3 Cisco IDS Network Module LEDs

LED
Meaning

ACT

There is activity on the Fast Ethernet connection.

CF

The CompactFlash module is active.

Note Since CompactFlash is not supported on the NM-CIDS-K9, this LED is not active except during self-test.

DISK

There is activity on the 20-GB disk expansion module hard drive.

EN

The module has passed self-test and is available to the router.

LINK

The Fast Ethernet connection is available to the network module.

PWR

Power is available to the network module.


Online Insertion and Removal with a Cisco IDS Network Module

Some Cisco modular access routers allow you to replace network modules without switching off the router or affecting the operation of other interfaces. This feature is called online insertion and removal (OIR). OIR of network modules provides uninterrupted operation to network users, maintains routing information, and ensures session preservation.


Caution Unlike other network modules, Cisco IDS network modules use hard disks. Online removal of disks without proper shutdown can result in file system corruption and might render the disk unusable. The operating system on the Cisco IDS network module must be shut down in an orderly fashion before the network module is removed.


Caution Cisco routers support OIR with similar modules only. If you remove a network module, install another module exactly like it in its place. If you remove a two-slot network module (along with any installed WAN or voice interface cards), install another module and card combination exactly like it.

For a description of informational and error messages that may appear on the console during this procedure, see the hardware installation guide for your type of router.

To perform online removal of a Cisco IDS network module and insertion of a replacement, follow these steps with the router in privileged EXEC mode:


Step 1 Perform a graceful halt of the Cisco IDS network module by using the following command:

Router# service-module IDS-Sensor slot/0 shutdown
Trying 10.10.10.1, 2129 ... Open

Wait for the following status message (it may take a minute or two):

%SERVICEMODULE-5-SHUTDOWN2:Service module IDS-Sensor1/0 shutdown complete

Step 2 Unplug the network interface cable from the Cisco IDS network module.

Step 3 Loosen the two captive screws holding the Cisco IDS network module in the chassis slot.

Step 4 Slide the Cisco IDS network module out of the slot.

Step 5 Align the replacement Cisco IDS network module with the guides in the chassis slot, and slide it gently into the slot.


Note If the router is not fully configured with network modules, make sure that blank panels fill the unoccupied chassis slots to provide proper airflow.


Step 6 Push the module into place until you feel its edge connector mate securely with the connector on the backplane.

Step 7 Reconnect the network interface cable previously removed in Step 2.

Step 8 Tighten the two captive screws on the faceplate.

Step 9 Reset the Cisco IDS network module using the reset command.

Router# service-module IDS-Sensor slot/0 reset

Use reset only to recover from shutdown or failed state
Warning: May lose date on the hard disc!
Do you want to reset?[confirm]

Step 10 Press Enter to confirm the request. The Cisco IDS network module resets itself.

Step 11 Check that the network module LEDs are on and that the power and enable LEDs on the front panel also are on. This inspection ensures that connections are secure and that the new unit is operational.


Related Documents

For additional information, see the following documents and resources.

Related Topic
Document Title

Cisco IDS software documentation

Cisco Intrusion Detection System (IDS) Hardware and Software Documentation Guide
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids10/15593_01.htm

Regulatory compliance and safety information

Cisco Network Modules and Interface Cards Regulatory Compliance and Safety Information
http://www.cisco.com/en/US/docs/routers/access/interfaces/rcsi/IOHrcsi.html

Cisco IOS software website and reference documentation

Cisco IOS Software http://www.cisco.com/web/psa/products/index.html?c=268438303


Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html