Q. We have a Cisco IDS 4210 Sensor. Will the new software run on it, and what would be needed to manage the device with the new software?
A. Cisco IPS 5.0 software supports the 4210. Inline functionality, however, is not supported on the Cisco IDS 4210 Sensor.
Q. Will an existing Cisco IDS 4200 Series Sensor be able to provide the Inline packet monitoring with version 5 software?
A. The answer depends on the specific sensor and added cards. The sensor must be supported in version 5.0, and must contain at least two sensing interfaces that can be paired together for an inline interface pair. Cisco IDS 4210 is supported in version 5.0, but contains only one sensing interface. Cisco IDS4220 is not supported in 5.0 IDS and 4230 is not supported in 5.0, but IDS 4235 is supported in 5.0 Inline if the 4FE card is installed, or if a single-Gig TC PCI card is installed. Cisco IDS 4250 is supported in version 5.0 Inline if the 4FE, Gig TX PCI card, two of the SX PCI cards, or the XL card is installed. Cisco IPS 4240 is supported in version 5.0, Inline supported (it has four sensing interfaces). IPS 4255 is supported in version 5.0, Inline is supported (it has four sensing interfaces). IDSM-2 is supported in version 5.0, Inline supported (it has two sensing interfaces). NM-CIDS is supported in version 5.0, Inline not supported (only one sensing interface).
The best reason to still upgrade to 5.0 on a 4210 is performance. I saw false positives practically disappear, fewer malicious attempts got through and it is a lot harder to evade.
I also seem to recall seeing people claiming to have added a second interface on a 4210 to make it an in-line device and was able to get it to work but not 100% sure.
HiI'm testing NAC on colleagues devices on a 3750 Switch, 2 ports configured, using 2 phones and a pc.He had external contractors in, so need to swap phones one.Soon as he did that, both phones and PC wouldn't connect, till I shut the Ports down and broug...
Cisco Champion Radio · S7|E37 Business Resiliency for your Workforce and Workplace
Today, organizations are facing changes so large, so fast, and so many—seeing acceleration of already established trends as well as unprecedented disruption—that’s making ...
Hello,i have a N5k-k5548up-af and i have a acl for trusted network which is attached to line vty and to my uplinks interface, and i have around 250 interface vlan and my interface vlans can reach bgp port or snmp port, is there nayway that tune copp to pe...
This event had place on Tuesday 22nd, Septemberat 10hrs PDT
Omar Santos is an active member of the cyber security community, where he leads several industry-wide initiatives and standards bodies. His active role help...
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.
We make improvement...