Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0
Installing IPS-4240 and IPS-4255
Downloads: This chapterpdf (PDF - 305.0KB) The complete bookPDF (PDF - 8.52MB) | Feedback

Installing the IPS 4240 and the IPS 4255

Table Of Contents

Installing the IPS 4240 and the IPS 4255

Introducing the IPS 4240 and the IPS 4255

Front and Back Panel Features

Specifications

Connecting the IPS 4240 to a Cisco 7200 Series Router

Accessories

Important Safety Instructions

Rack Mounting

Installing the IPS 4240 and the IPS 4255

Installing the IPS 4240-DC


Installing the IPS 4240 and the IPS 4255



Note All IPS platforms allow ten concurrent CLI sessions.


This chapter describes the IPS 4240 and the IPS 4255 and how to install them. It also describes the accessories and how to install them. This chapter contains the following sections:

Introducing the IPS 4240 and the IPS 4255

Front and Back Panel Features

Specifications

Connecting the IPS 4240 to a Cisco 7200 Series Router

Accessories

Important Safety Instructions

Rack Mounting

Installing the IPS 4240 and the IPS 4255

Installing the IPS 4240-DC

Introducing the IPS 4240 and the IPS 4255

The IPS 4240 and the IPS 4255 deliver high port density in a small form factor. They use a compact flash device for storage rather than the hard-disk drives used in other sensor models. The IPS 4240 and the IPS 4255 do not support redundant power supplies.

The IPS 4240 replaces the IDS-4235. There are four 10/100/1000 copper sensing interfaces. The IPS 4240 is available with either AC or DC power. It monitors up to 250 Mbps of aggregate network traffic on multiple sensing interfaces and is inline ready. The 250-Mbps performance for the IPS 4240 is based on the following conditions:

2500 new TCP connections per second

2500 HTTP transactions per second

Average packet size of 445 bytes

Running Cisco IPS 5.1 or later


Note The 250-Mbps performance is traffic combined from all four sensing interfaces.


The IPS 4255 replaces the IDS-4250-TX. There are four 10/100/1000 copper sensing interfaces. It monitors up to 600 Mbps of aggregate network traffic on multiple sensing interfaces and is also inline ready. The 600-Mbps performance for the IPS 4255 is based on the following conditions:

6000 new TCP connections per second

6000 HTTP transactions per second

Average packet size of 445 bytes

Running Cisco IPS 5.1 or later


Note The 600-Mbps performance is traffic combined from all four sensing interfaces.


Front and Back Panel Features


Note Although the illustrations show the IPS 4240, the IPS 4255 has the same front and back panel features and indicators.


This section describes the IPS 4240 and the IPS 4255 front and back panel features and indicators.

Figure 2-1 shows the front view of the IPS 4240 and the IPS 4255.

Figure 2-1 IPS 4240/IPS 4255 Front Panel Features

Table 2-1 describes the front panel indicators on the IPS 4240 and the IPS 4255.

Table 2-1 Front Panel Indicators 

Indicator
Description

Power

Off indicates no power. Green when the power supply is running.

Status

Blinks green while the power-up diagnostics are running or the system is booting. Solid green when the system has passed power-up diagnostics. Solid amber when the power-up diagnostics have failed.

Flash

Off when the compact flash device is not being accessed. Blinks green when the compact flash device is being accessed.


Figure 2-2 shows the back view of the IPS 4240 and the IPS 4255.

Figure 2-2 IPS 4240 and IPS 4255 Back Panel Features

Figure 2-3 shows the four built-in Ethernet ports, which have two indicators per port.

Figure 2-3 Ethernet Port Indicators

Table 2-2 lists the back panel indicators.

Table 2-2 Back Panel Indicators 

Indicator
Color
Description

Left side

Green solid
Green blinking

Physical link
Network activity

Right side

Not lit
Green
Amber

10 Mbps
100 Mbps
1000 Mbps


Specifications

Table 2-3 lists the specifications for the IPS 4240 and the IPS 4255.

Table 2-3 IPS 4240 and IPS 4255 Specifications 

Dimensions and Weight
 

Height

1.75 in. (4.45 cm)

Width

17.5 in. (44.45 cm)

Depth

14.5 in. (36.83 cm)

Weight

20.0 lb (9.07 kg)

Form factor

1 RU, standard 19-inch rack-mountable

Expansion

One chassis expansion slot (not used)

Power
 

Autoswitching

100V to 240V AC

Frequency

47 to 63 Hz, single phase

Operating current

3.0 A

Steady state

150 W

Maximum peak

190 W

Maximum heat dissipation

648 BTU/hr, full power usage (65 W)

Environment
 

Temperature

Operating +32°F to +104°F (+0°C to +40°C)
Nonoperating -13°F to +158°F (-25°C to +70°C)

Relative humidity

Operating 5% to 95% (noncondensing)
Nonoperating 5% to 95% (noncondensing)

Altitude

Operating 0 to 9843 ft (3000 m)
Nonoperating 0 to 15,000 ft (4750 m)

Shock

Operating 1.14 m/sec (45 in./sec) ½ sine input
Nonoperating 30 G

Vibration

0.41 Grms2 (3 to 500 Hz) random input

Acoustic noise

60 dBa (maximum)


Connecting the IPS 4240 to a Cisco 7200 Series Router

When an IPS 4240 is connected directly to a 7200 series router and both the IPS 4240 and the router interfaces are hard-coded to speed 100 with duplex Full, the connection does not work. If you set the IPS 4240 to speed Auto and duplex Auto, it connects to the router but only at speed 100 and duplex Half.

To connect correctly at speed 100 and duplex Full, set the interfaces of both the IPS 4240 and the router to speed Auto and duplex Auto. Also, if either interface is hard-coded, you must make the connection using a crossover cable.

Accessories

The IPS 4240 and the IPS 4255 accessories kit contains the following:

DB25 connector

DB9 connector

Rack mounting kit—screws, washers, and metal bracket

RJ45 console cable

Two 6-ft Ethernet cables

Important Safety Instructions


Warning IMPORTANT SAFETY INSTRUCTIONS

This warning symbol means danger. You are in a situation that could cause bodily injury. Before you work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar with standard practices for preventing accidents. Use the statement number provided at the end of each warning to locate its translation in the translated safety warnings that accompanied this device. Statement 1071

SAVE THESE INSTRUCTIONS

Warning Only trained and qualified personnel should be allowed to install, replace, or service this equipment. Statement 1030

Rack Mounting

To rack mount the IPS 4240 and the IPS 4255, follow these steps:


Step 1 Attach the bracket to the appliance using the supplied screws.

You can attach the brackets to the holes near the front of the appliance.


Note The top hole on the left bracket is a banana jack you can use for ESD grounding purposes when you are servicing the system. You can use the two threaded holes to mount a ground lug to ground the chassis.


Step 2 Use the supplied screws to attach the appliance to the equipment rack.

Step 3 To remove the appliance from the rack, remove the screws that attach the appliance to the rack, and then remove the appliance.


Installing the IPS 4240 and the IPS 4255


Warning Only trained and qualified personnel should be allowed to install, replace, or service this equipment. Statement 1030

Caution Follow proper safety procedures when performing these steps by reading the safety warnings in Regulatory Compliance and Safety Information for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor.

To install the IPS 4240 and the IPS 4255 on the network, follow these steps:


Step 1 Position the appliance on the network.

Step 2 Attach the grounding lug to the side of the appliance.


Note Use 8-32 screws to connect a copper standard barrel grounding lug to the holes. The appliance requires a lug where the distance between the center of each hole is 0.56 inches. The ground lug must be NRTL listed or recognized. In addition, the copper conductor (wires) must be used and the copper conductor must comply with the NEC code for ampacity. A lug is not supplied with the appliance.


Step 3 Place the appliance in a rack, if you are rack mounting it.

Step 4 Attach the power cord to the appliance and plug it in to a power source (a UPS is recommended).

Step 5 Connect the cable as shown in Step 6 so that you have either a DB-9 or DB-25 connector on one end as required by the serial port for your computer, and the other end is the RJ-45 connector.


Note Use the console port to connect to a computer to enter configuration commands. Locate the serial cable from the accessory kit. The serial cable assembly consists of a 180/rollover cable with RJ-45 connectors (DB-9 connector adapter PN 74-0495-01 and DB-25 connector adapter PN 29-0810-01).



Note You can use a 180/rollover or straight-through patch cable to connect the appliance to a port on a terminal server with RJ-45 or hydra cable assembly connections. Connect the appropriate cable from the console port on the appliance to a port on the terminal server.


Step 6 Connect the RJ-45 connector to the console port and connect the other end to the DB-9 or DB-25 connector on your computer.

Step 7 Attach the network cables to the following interfaces:

GigabitEthernet0/0, GigabitEthernet0/1, GigabitEthernet0/2, and GigabitEthernet0/3 (from right to left) are sensing ports.

Management0/0 is the command and control port.


Caution Management and console ports are privileged administrative ports. Connecting them to an untrusted network can create security concerns.

Step 8 Power on the appliance.

Step 9 Initialize the appliance.

Step 10 Upgrade the appliance with the most recent Cisco IPS software. You are now ready to configure intrusion prevention on the appliance.


For More Information

DC power guidelines are listed in Regulatory Compliance and Safety Information for the Cisco Intrusion Detection and Prevention System 4200 Series Appliance Sensor.

For more information on working with electrical power and in an ESD environment, see Site and Safety Guidelines.

For the procedure for placing IPS 4250-DC in a rack, see Rack Mounting.

For the instructions for setting up a terminal server, see Connecting an Appliance to a Terminal Server.

For the procedure for using the setup command to initialize IPS 4250-DC, see Basic Sensor Setup.

For the procedure for updating IPS-4250-DC with the most recent cisco IPS software, see Obtaining Cisco IPS Software.

If you have the IPS 4240-DC model, see Installing the IPS 4240-DC.

For the procedure for using HTTPS to log in to IDM, refer to Logging In to IDM.

For the procedures for configuring intrusion prevention on your sensor, refer to the following documents:

Installing and Using Cisco Intrusion Prevention System Device Manager 7.0

Installing and Using Cisco Intrusion Prevention System Manager Express 7.0

Configuring the Cisco Intrusion Prevention System Sensor Using the Command Line Interface 7.0

Installing the IPS 4240-DC

The the IPS 4240-DC-K9 (NEBS-compliant) model equipped with DC-input power supply must be terminated with the DC input wiring on a DC source capable of supplying at least 15 amps. A 15-amp circuit breaker is required at the 48 VDC facility power source. An easily accessible disconnect device should be incorporated into the facility wiring.


Warning Before performing any of the following procedures, ensure that power is removed from the DC circuit. To ensure that all power is OFF, locate the circuit breaker on the panel board that services the DC circuit, switch the circuit breaker to the OFF position, and tape the switch handle of the circuit breaker in the OFF position.

Note The DC return connection should remain isolated from the system frame and chassis (DC-I). This equipment is suitable for connection to intra-building wiring only.



Warning Only trained and qualified personnel should be allowed to install, replace, or service this equipment. Statement 1030

To install the IPS 4240-DC, follow these steps:


Step 1 Position the IPS 4240-DC on the network.

Step 2 Attach the grounding lug to the side of the appliance.


Note Use 8-32 screws to connect a copper standard barrel grounding lug to the holes. The appliance requires a lug where the distance between the center of each hole is 0.56 inches. The ground lug must be NRTL listed or recognized. In addition, the copper conductor (wires) must be used and the copper conductor must comply with the NEC code for ampacity. A lug is not supplied with the appliance.


Step 3 Place the appliance in a rack, if you are rack mounting it.

Step 4 Terminate the DC input wiring on a DC source capable of supplying at least 15 amps. A 15-amp circuit breaker is required at the 48-VDC facility power source. An easily accessible disconnect device should be incorporated into the facility wiring.

Step 5 Locate the DC-input terminal box.

Step 6 Power off the IPS 4240-DC.

Make sure that power is removed from the DC circuit. To make sure all power is OFF, locate the circuit breaker on the panel board that services the DC circuit, switch the circuit breaker to the OFF position, and tape the switch handle of the circuit breaker in the OFF position.

Step 7 Remove the DC power supply plastic shield.

Step 8 Strip the ends of the wires for insertion into the power connect lugs on the IPS 4240-DC.

Step 9 Insert the ground wire into the connector for the earth ground and tighten the screw on the connector. Using the same method as for the ground wire, connect the negative wire and then the positive wire.

1

Negative

5

Negative

2

Positive

6

Positive

3

Ground

7

Ground

4

On/Off Switch

   


Note The DC return connection to this system is to remain isolated from the system frame and chassis.


Step 10 After wiring the DC power supply, remove the tape from the circuit breaker switch handle and reinstate power by moving the handle of the circuit breaker to the ON position.

Step 11 Replace the DC power supply plastic shield.

Step 12 Power on the IPS 4240-DC from the switch at the back of the chassis.


Note If you need to power cycle the IPS 4240-DC, wait at least 5 seconds between powering it off and powering it back on.


Step 13 Initialize the IPS 4240-DC.

Step 14 Upgrade the IPS 4240-DC with the most recent Cisco IPS software.

You are now ready to configure intrusion prevention on the appliance.


For More Information

DC power guidelines are listed in Regulatory Compliance and Safety Information for the Cisco Intrusion Prevention System 4200 Series Appliance Sensor.

For more information on working with electrical power and in an ESD environment, see Site and Safety Guidelines.

For the procedure for placing IPS 4250-DC in a rack, see Rack Mounting.

For the procedure for using the setup command to initialize IPS 4250-DC, see Basic Sensor Setup.

For the procedure for updating IPS 4250-DC with the most recent cisco IPS software, see Obtaining Cisco IPS Software.

For the procedure for using HTTPS to log in to IDM, refer to Logging In to IDM.

For the procedures for configuring intrusion prevention on your sensor, refer to the following guides:

Installing and Using Cisco Intrusion Prevention System Device Manager 7.0

Installing and Using Cisco Intrusion Prevention System Manager Express 7.0

Configuring the Cisco Intrusion Prevention System Sensor Using the Command Line Interface 7.0