Hi, please review this doc for a discussion of IOS Firewall and IPS DoS protection configuration:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/prod_white_paper0900aecd804e5098.html
You don't need hardware to run IOS IPS (beyong a router with enough DRAM, obviously), but to run the v5 sigs, you'll need Cisco IOS Software version 12.4(11)T or later. Your router is running a mainline image, as shown by your mention of the "...124...
The recommendation to use the 128MB.sdf or 256MB.sdf is not correct for the version of software that you're using. IOS 12.4(11)T and later use the v5 signatures, available here:http://www.cisco.com/cgi-bin/tablebuild.pl/ios-v5sigupThere is a video d...
Did you configure the Zone FW with SDM? I assume that you selected the 'medium' or 'high' security levels, which enabled http app inspection, and applied protocol conformance checking. Unfortunately, some web servers/browsers took a different inter...
IOS Firewall Stateful Failover relies on other redundancy software components that are only available on 3700, 3800, and 7200 platforms. Please send an email to ask-stg-ios-pm@cisco.com to get a more detailed response.