The Cisco IDS Module for Cisco 2600, 3600, and 3700 Routers
With the recent addition of the Cisco IDS Module for the
2600XM, 3600, and 3700 Cisco routers, Cisco provides affordable and capable
intrusion detection services in small office and branch office environments. The
module provides security on WAN links and reduces operational costs through
integration with existing equipment.
The IDS module fits on a single network module on the router. It
has a 20GB onboard IDE hard disk for event storage and logging and provides a
single 10/100 Fast Ethernet port for command and control. Because it monitors
data directly from the router bus, the module does not require a monitoring
port. In a 2600XM, the IDS module can process 10 Mbps of data. In the 3600 and
3700, it can process 45 Mbps. Only one IDS module can function in the routing
device.
The IDS module runs the same Cisco IDS 4.0 software that the 4200
series IDS sensors do, giving the router full IDS capabilities. Furthermore, the
module can inspect traffic traversing the router on any
interface and, when an attack signature is detected, can either shut down router
interfaces or send TCP resets to terminate the offending TCP session.
Note: The IDS router module requires the IOS FW/IDS feature set
and Cisco IOS 12.2(15)ZJ or later.