Devices
Supporting the IOS Firewall IDS Features
Cisco IOS software-based intrusion detection is available on
the Cisco uBR900, 1720, 2600, 3600, 7100, 7200, and 7500 series routers, and the
RSM for Catalyst 5000 switches.
The IDS technology has been included with the firewall feature set
since version 12.1 or 12.2 of the IOS, depending on the device platform. More
models might be supported later. You must choose a feature set that contains the
firewall and IDS features when you order or upgrade the device IOS. For this
reason, a router IOS that supports the firewall features doesn’t necessarily
mean that the IDS technology is included. Figure 7-1 shows a sample of
the Cisco IOS Upgrade Planner from the Cisco web site for the model 1720 router.
Notice that the firewall features (FW) and the intrusion features (IDS) are
available in combination with various protocols and features, such as IPX. The
IOS releases with firewall features without IDS are typically capped at version
12.0(4). Memory and flash requirements often increase, as does the cost of the
IOS when additional features are added.
The following IOS image names are the latest 1720 release for IP
with the firewall features only, while the second listing includes the IDS
features. The last two entries are for a 2600 and a 7000 with RSP, respectively,
with each having Enterprise and IPSec features. The o
indicates firewall features, while the o3 indicates firewall and IDS
features.
c1700-oy-mz.120-5.T1.bin
c1700-o3y-mz.122-12a.bin
c2600-jk8o3s-mz.122-12.bin
rsp-jk8o3sv-mz.122-10b.bin
Sections
Comments (0 posted)
Syndication
