IPS 4240 - additional card
Hello
Does anyone know, when will be available 4xFE cards for IPS-4240 (for total 8 interfaces)?
Kind regards
Krzysztof
The option card for IPS-4240/4255 sensors will be a card 4GE to support copper (RJ45) and fiber (SX) connections. It will allow a total of 8 RJ45 interfaces or 4 SX fiber interfaces (and 4 RJ45 interfaces) on these platforms. Unfortunately, it will be probably available for another 9 months or more.
Tags: Cisco Security
Similar Questions
-
Deployment of Cisco IPS 4240 devices
I can't find all the information about the Cisco IPS 4240 features massive deployments. I have 6 devices, I intend to drive to several remote sites and tie in a centralized unit of Cisco MARCH. Without the help of any CSM/LMS software, is there a quick and dirty to pull this off? I think to set up a single IPS appliance, then pull and distribute the configuration file for the remaining devices. I would like to see how others have done this...
If all of your sensors are of the same type (all 4240 to your situation) and will execute all the even correct configuration, then the copy command will help out you.
There is a new feature added to the copy command in IPS 6.1 which will help you during the copying of config of one sensor to another.
Complete you configure a sensor (using IME, IDM or CLI). When you are satisfied with the configuration, and then use the command copy to copy ON a server of SCP.
Now bringup a second sensor and configure basic networking through the Installer settings (ip address, gateway, etc...).
Now, use the command copy to copy the first configuration of sensors from the SCP server in the running of the second probe configuration on the second.
It will ask you to change the network settings on the second probe.
Answer n °
The rest of the configuration of the probe first copy will be placed in the second sensor.
The second sensor will keep its own unique IP address but win the rest of the configuration of the config of the first probe.
Continue to do this with additional sensors.
The process can then be repeated every time that additional changes are made to the first sensor.
Remember though that this only works if the configuration of the probe will be exactly duplicated (including what interfaces would be monitored and how).
If each sensor will have some unique tunings, then you need to manage each sensor on its own or buy CSM which can be used to share only parts of the configuration of multiple sensors.
-
I have two IPS 4240 s that can be placed between our internal network and our extranet firewall. The game of firewall is your pair of standard assets/ASA-5520 switch connected to both switches.
Q1 - if I'm not worried about atomic attacks, is there another advantage that IPS inline on promiscuity?
Is Q2 - If inline or promiscuity, necessary to connect the unique IPS for two switches in order to receive packets when a failover of the SAA occurs? If so, does physically or through RSPAN?
Q3 - if the IPS fails and it is set online, interfaces fail open (traffic continues to pass) or closed (traffic is removed)? I couldn't find that on the Cisco site.
Thank you!
"Promiscuous" mode, you can use a 4240 and extend the output of each switch in two interfaces of remote sensing of the 4240 (it has four available). A single 4240 should even be able to set up TCP sessions that span the two rails, as in the case of a failover.
-
IPS-4240 engine upgradation procedure of E3 E4
Hi all
Can someone help me to upgrade the IPS 6.0 (1) 7.0 E1 (2) E4.
What are the images need to be upgraded for this?
What is the appropriate procedure for upgradation?
Here is the version for your reference results show...
========================================
Cisco IPS #.
Cisco-IPS # sh ver
Application partition:Cisco Intrusion Prevention System, Version 1.0000 E3
Host:
Domain keys key1.0
Definition of signature:
Update of the signing S479.0 2010-03-19
Virus update V1.4 2007-03-02
OS version: 2.4.30 - IDS-smp-bigphys
Platform: IPS-4240-K9
Serial number: JMX1244L0PK
License expires: December 31, 2010 UTC
Sensor time is 211 days.
With the help of 1439252480 of 1984552960 memory available bytes (72% of use)
the application data uses 44.0 M off 166,8 M bytes of disk space available (28% of use)
startup is using 39.7 M off 68.6 M bytes of disk space available (61% of use)MainApp to E-2008_OCT_16_16_24 (release) 2008-10-16 T 16: 40:57 - 0500 Running
AnalysisEngine-E-2008_OCT_16_16_24 (release) 2008-10-16 T 16: 40:57 - 0500 Running
CLI-E-2008_OCT_16_16_24 (release) 2008-10-16 T 16: 40:57 - 0500Upgrade history:
* IPS - GIS - S465 - req - E3 23:00:43 UTC Thursday, January 28, 2010
IPS-GIS-S479-req - E3.pkg 00:05:37 UTC Wednesday, April 7, 2010Version 1.1 - 1, 0000 E3 recovery partition
Valid certificate from the host: November 17, 2008 to November 18, 2010
Cisco IPS #.
Cisco IPS #.
=================================
Kind regards
Anuj Pratap
No, do not reimage system (IPS-4240-K9-sys-1.1-a-7.0-2-E4.img), which would eliminate all of your configuration.
Just perform the upgrade using this upgrade file: IPS-K9-7, 0-2 - E4.pkgand which would automatically be updated to 7.0.2 (E4).
-
The Upgrade Version of the engine on IPS-4240
Hello
I'm running a sensor IPS 4240 with engine Version 7.0 (1) E3 and the sensor will always have a strong canvassing from 97 to 98%. It's recommended to update the sensor to the latest version of the engine, considering the amount of load top right now?
Thank you
Kiran
Hi Kiran,
You need to update the engine at it, since you cannot use the latest signature definitions without being on the latest engine. As long as you don't see packets ignored at the level of the interface of detection, it is fine for the use of the CPU which is high. If you start to see rejected the packages that you need to reduce the amount of traffic being sent to the probe or reduce (by clearing and retreating) the number of signatures inspection of the traffic on the sensor.
Best regards
Justin
-
Hi all
I have one unit of IPS-4240. I want to know if my sensor or the unit itself fails / stops, is there an option where in my traffic will be passed so that there is no downtime.
Thank you
Pratik
You can configure the sensor when it is inline with inline-bypass 'auto' mode mode so when the unit does not work, it will just pass through traffic without inspection, however, if the sensor is completely shutdown, then no, the traffic will be dropped when in inline mode.
Here is more information on derivation inline mode:
However, if she is in promiscious mode, so you don't have to worry about this because the package is not "inline" and will cause no disruption.
Hope that helps.
-
Not entirely taken TLS supported in Cisco IPS 4240
I am trying to contact a Cisco IPS 4240 device while having security settings FIPS enabled on the client using SSL. This is not possible because the device does not support TLS extensions in the Client Hello packet (RFC 5746) sent by the client when using TLS (SSL3 and lower are not FIPS compatible). The IDM application that communicates with the device does not send these extensions (im seeing this with WireShark) TLS is able to connect to it.
Is it possible to provide the 4240 support these TLS extensions?
This is related to the bugs below. The original solution will be included in the 7.1.5 release which is preparing to take in charge the platform 4240 among others. This will allow the Web server IPS to ignore short-term extensions. The long-term solution will require an update to the Web server so that it is fully compliant with RFC 5746.
Todd
-
HP Pavilion Slimline s5737c-b second addition card NIC
Can you tell me if it is possible to add a second NETWORK card on my PC? I need access to another system with my PC using a cable network without interupting my current network access.
Thank you!
Hello
See this article on the use of multiple network cards in one computer. In short, you need two independent subnets if the switch will get confused. In addition, you need a NETWORK card supporting two independent active subnets.
-
Is this not the right part. the update of the GIS 4240 IPS license? CON-SUSA-IPS4240S
I can only find this part number in the ordering tool: CON-SUI-IPS4240, which also has a SMARTNet Support?
What is do we need just to have updates of GIS?
Thank you
You cannot buy a stand-alone appliance IPS IPS subscription.
You can buy either of the following:
(1) CON-SUI-IPS4240 for example which includes Smartnet for hardware, software, and the IPS subscription.
OR /.
(2) CON-SUSA-IPS4240 contracts are sold only to customers who have purchased a support hardware and software through a reseller/partner contract.
CON-SUSA... cannot be sold on its own, it must be sold in conjunction with the reseller/partner support contract.
Hope that helps.
-
Hello
4240 running in HA mode?
Or should I look at 4255 if I need to work in HA mode?
Kindly help me with this info... Thanks in advance.
Kind regards
RAMJust to add a little bit to Bob's response. It is possible for the HA, but as mentioned above, it is not HA as you would expect of a firewall and requires significant network planning and is rather technical in nature.
The best documentation I could find about the designs HA is in chapter 21 - "Deploying Cisco IPS for high availability" and High Performance of Earworms security CCNP 642-627 official Cert Guide, ISBN: 9780132372107. She gets quite detailed and explains a large number of different methods.
I was also able to find some information on this site, but it is at a higher level and does not provide as many options.
https://www.NetworkWorld.com/community/node/18384
I had to work HA in some of our environments, and I'm here to tell you, plan ahead, far in advance, test several methods to find one that suits. We were using a method that I just couldn't find it mentioned anywhere.
-
IPS-4240-K9 IDM number 6.2 control events
Hello world
I noticed a tangled because of edge idm monitoring events. It does not show alerts, I noticed on the page of welcome home/netwrok security health sensor cyrcle. During the last 5 minutes sensor shows, for example, 10 red alerts, but when I switch on the dashboard of events - there is nothing on this table...
Several days ago, I saw some periodic alerts on 4003 signature - nmap udp scan. Happening in the course of the week, and I think that quaintity of alerts real tine on the sensor cyrcle of health and on the table of events were the same.
only that I now note 3041 signature and a few times errorMessage:-store event wrapped autour [IdsEventStore::writeEvent (), index As Integer = 19531] name = errWarning
I read a few notes about this error, but do not understand what what do I change to display real-time alerts and signature 4003 (when idm is working properly, that it has been the main attack). confoguration virtually all of the default values. IPS works in promiscious mode
Thanks for any help and advice
Regarding the message "'errorMessage:-the event rolled around store" "
The events are stored in a circular buffer. Once the buffer is full, we simply would crush the oldest event. If you see several of these messages, it means that the number of events is really high. You can set frequency of alerts > summary Mode for signatures that shoot a lot.
Check out the following link to configure the summary Mode:
http://www.Cisco.com/en/us/products/sw/secursw/ps2113/products_tech_note09186a0080838bcf.shtml#IDM
Kind regards
Sawan Gupta
-
Help on graphics card memory and upgrade for iMac
Hello!
I need advice on a good new graphics card for iMac 27 inch end 2012. My work is mainly in animation, Visual effects and game development soon, so I need an additional card to increase my speed.
Currently, I have a NVIDIA GeForce GTX 680MX 2048 MB card. Do you think I should stick to a similar card? Is there something new that will offer me better performance at an affordable cost?
I don't have much money to spend, but I can certainly use additional graphics now.
I have also 2 remaining memory locations that accepts DDR3 1600 MHz memory module, but it seems that this module is no longer available. If I had to choose between a graphics card and RAM, which should I go with?
Finally, can I install these myself? I don't have any Apple Store around me and I do not trust the computer guys in my area.
First of all, the iMacs are notoriously difficult to make something with except add RAM. Here is a good site where you can get some info on the dismantling, etc.:
Usually, graphics cards should be replaced with the same model/type of work (if any) - see above site for this kind of info. I'm quite sure that you cannot add just one - iMac is not designed for it.
Regarding the RAM, just check out OWC for necessary RAM:
https://eShop.MacSales.com/shop/memory/iMac/2012_27/DDR3L
Check that your model is listed. I don't know where you would have been told that the RAM is no longer available (FWIW, Apple does not sell RAM and uses of third party RAM in the new Macs).
I'd go with the RAM - how many do you have now? Adding RAM is easy.
-
pictures disappear, the cards are not displayed
Some dysfunction in views - appear in fact 2 errors:
1. on some Web pages, image appears any time but then replaced by the loading symbol, reloading repeat this sequence.
2. in addition, cards are generally not displayed but remain empty (no loading symbol) right from the beginning.
I guess it has something to do with settings, modules or plugins, but could not do by disabling their functioning. It is not the site itself, as the pictures show well with the same version of Firefox on another PC.
Thanks for help.I finally solved the problem. It had to do with the profile of the user - after reset everything works fine. Good luck for those who also have this problem!
-
Pavilion p7 - 1017c: Add USB card
I would like to add for Pavilion p7 - 1017c Desktop USB card so I added USB ports. Looking for a recommendation on the expansion USB card should I buy.
@JeanM-10, welcome to the forum.
Here are a few additional cards to the StarTech that will work for you. I suggest you contact their Technical Support for help to choose the best card for your system. I've used several times their Live Chat option with very good success.
Please click on the button + Thumbs up if I helped you and click on accept as Solution If your problem is resolved.
-
New HP 2011 x 20 '' LED monitor for old Dell Dimension 2400. necessary graphics card?
My in-laws have an old Dell Dimension 2400 and the monitor exploded. I bought a new HP 2011 x 20 '' LED monitor. My WIRE went to set up, and he tells her that a HMDI graphics card is required.
This is a pretty old computer. I think he might have as... 512 MB of RAM. Is there an inexpensive graphics card that will meet their needs?
And besides, when they buy the graphics card, are there all the cables that they must reach a new monitor to an old computer?
Thank you very much!
Nice description of Dell:
Video connector to 15 holes :-)
Seems to be a VGA connector.
From the description of the monitor:
http://support.HP.com/us-en/document/c02643130
There is an also vga connector, so you will have no problem to connect the two.
No additional card is necessary, no other cable - just use the old vga cable.
Your only problem might be the resolution:
resolution 1600 x 900 set at the factory for the monitor.
I don't know if you can set the resolution to Dell, you should test.
Otherwise a 4:3 normal/old monitor would be better than this 'big screen' new.
HTH
C.
P.S. the Dell printer documentation:
http://support.Dell.com/support/eDOCS/systems/dim2400/
Maybe you are looking for
-
Close safari of multiple versions
When I press control button on Safari at the bottom of my screen on my MacBook, I see several versions of the open software (no, not only several tabs - see below). I can't close them. How to close them?
-
Satellite A200 - 14 d: 1 GB or 2 GB?
Hello Well, I have a question. Can someone explain to me which memory modules 1 or 2 GB is preferable to use? Best regardsAnd thank you for all replies
-
The good examples of the construction and analysis of the data in bytes?
Hi all Very soon, I'll have to find a way to build messages to bytes to send to a serial port and a serial port to receive and review to the basis of events out of... However, before I delve into the complexities of the serial port communication and
-
Need all drivers for HP Pavilion G1M18EA 17
Hello, I just bought a new laptop, and I have problems with the search for drivers for it. Laptop came with no cd and a Wi - Fi connection does not work without a driver, just FYI I'm a real beginner in this kind of things. Windows 7 64 bit HP Pavili
-
What is pluggable software components ActiveX?
What is activex software components-ins mmc