Table Of Contents
Installing NM-CIDS
Specifications
Software and Hardware Requirements
Hardware Architecture
Front Panel Features
Interfaces
Installation and Removal Instructions
Required Tools
Installing NM-CIDS
Installing NM-CIDS Offline
Installing NM-CIDS Using OIR Support
Removing NM-CIDS
Removing NM-CIDS Offline
Removing NM-CIDS Using OIR Support
Blank Network Module Panels
Installing NM-CIDS
This chapter lists the software and hardware requirements of NM-CIDS, and describes how to install and remove it.
Note In Cisco IOS documentation, NM-CIDS is referred to as the Cisco IDS network module.
Note NM-CIDS does not support inline (IPS) mode. It can only be configured for promiscuous (IDS) mode.
This chapter contains the following sections:
•Specifications
•Software and Hardware Requirements
•Hardware Architecture
•Front Panel Features
•Interfaces
•Installation and Removal Instructions
Specifications
Table 8-1 lists the specifications for NM-CIDS.
Table 8-1 NM-CIDS Specifications
Specification | Description
Dimensions (H x W x D) | 1.55 x 7.10 x 7.2 in. (3.9 x 18.0 x 19.3 cm)
Weight | 1.5 lb (0.7 kg) (maximum)
Operating temperature | +32° to +104°F (+0° to +40°C)
Nonoperating temperature | -40° to +185°F (-40° to +85°C)
Humidity | 5% to 95% noncondensing
Operating altitude | 0 to 10,000 ft (0 to 3,000 m)
Software and Hardware Requirements
NM-CIDS has the following software and hardware requirements.
NM-CIDS supports the following software:
•Cisco IOS software 12.2(15)ZJ or later
•Cisco IOS software 12.3(4)T or later
•Cisco IDS software 4.1 or later
Caution Do not confuse Cisco IOS IDS (a software-based intrusion-detection application that runs in the Cisco IOS) with the IDS that runs on NM-CIDS. NM-CIDS runs Cisco IPS 5.0. Because performance can be reduced and duplicate alarms can be generated, we recommend that you do not run Cisco IOS IDS and Cisco IPS 5.0 simultaneously.
NM-CIDS supports the following feature sets:
•IOS IP/FW/IDS
•IOS IP/FW/IDS PLUS IPSEC 56
•IOS IP/FW/IDS PLUS IPSEC 3DES
•IOS IP/IPX/AT/DEC/FW/IDS PLUS
•IOS ENTERPRISE/FW/IDS PLUS IPSEC 56
•IOS ENTERPRISE/FW/IDS PLUS IPSEC 3DES
•IOS Advanced Security
•IOS Advanced IP
•IOS Advanced Enterprise
Table 8-2 lists supported and unsupported platforms for NM-CIDS.
Table 8-2 Supported and Unsupported Platforms
Router | NM-CIDS
Cisco 2600 series | No
Cisco 2600XM series | Yes
Cisco 2691 | Yes
Cisco 3620 | No
Cisco 3631 | No
Cisco 3640, Cisco 3640A | No
Cisco 3660 | Yes
Cisco 3725 | Yes
Cisco 3745 | Yes
Note The supported Cisco series routers only support one NM-CIDS per chassis.
Table 8-3 lists the hardware specifications for NM-CIDS.
Table 8-3 Hardware Requirements
Feature | Description
Processor | 500 MHz Intel Mobile Pentium III
Default SDRAM | 512 MB
Maximum SDRAM | 512 MB
Internal disk storage | NM-CIDS 20-GB IDE
Hardware Architecture
NM-CIDS has the following hardware architecture:
•Back-to-back Ethernet, which provides interface-level connectivity to the router.
•100-Mbps full-duplex interface between the router and the module.
•Back-to-back UART, which provides console access from the router side.
•Console access to the module from the router.
•External FE interface, which provides a command and control interface.
Figure 8-1 shows the hardware architecture of NM-CIDS.
Figure 8-1 NM-CIDS Hardware Architecture
Front Panel Features
Figure 8-2 shows the front panel features of the NM-CIDS.
Figure 8-2 Front Panel Features
Table 8-4 describes the NM-CIDS states as indicated by the status indicators.
Table 8-4 Status Indicators
Indicator | Description
ACT | Activity on the Fast Ethernet connection.
DISK | Activity on the IDS hard-disk drive.
EN | NM-CIDS has passed self-test and is available to the router.
LINK | Fast Ethernet connection is available to NM-CIDS.
PWR | Power is available to NM-CIDS.
Interfaces
The router-side Fast Ethernet interface is known as "interface IDS-Sensor." This interface name appears in the output of the show interface and show controller commands. You must assign an IP address to the interface to get console access to IDS.
Caution We recommend that you assign a loopback address on the monitoring interface. Otherwise, if the IP address is advertised through routing updates, the monitoring interface can become vulnerable to attacks.
For the procedure for assigning the IP address to gain access to the console and for setting up a loopback address, refer to Configuring Cisco IDS Interfaces on the Router.
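The loopback arrangement that the caution recommends, shown beside the weaker direct-address form. This is an added example, not the referenced Cisco procedure; slot 1, the interface numbering, and every address are assumed placeholders.

```cisco
! Added example. Slot 1 and all addresses are assumed placeholders.
!
! Weaker: the IDS-Sensor interface carries its own address from a subnet
! that a routing protocol advertises, so the address is visible to and
! reachable by anyone who receives those routing updates.
interface IDS-Sensor1/0
 ip address 10.10.10.1 255.255.255.0
 no shutdown
!
! Recommended: hold the address on a loopback as a /32 host address and
! let the IDS-Sensor interface borrow it with "ip unnumbered".
! Keep the loopback /32 out of routing protocol "network" statements
! and out of redistribution so that it is never advertised.
interface Loopback0
 ip address 192.0.2.1 255.255.255.255
!
interface IDS-Sensor1/0
 ip unnumbered Loopback0
 no shutdown
```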
Installation and Removal Instructions
You must install NM-CIDS offline in Cisco 2650XM, 2651XM, and 2961 series routers.
Caution To avoid damaging NM-CIDS, you must turn OFF electrical power and disconnect network cables before you insert NM-CIDS into a chassis slot or remove NM-CIDS from a chassis slot.
Cisco 3660 and Cisco 3700 series routers let you replace network modules without switching off the router or affecting the operation of other interfaces. Online insertion and removal (OIR) provides uninterrupted operation to network users, maintains routing information, and ensures session preservation.
Note Cisco 2600, 3600, and 3700 series routers support only one NM-CIDS per chassis.
Caution Unlike other network modules, NM-CIDS uses a hard-disk drive. Online removal of hard-disk drives without proper shutdown can result in file system corruption and might render the hard-disk drive unusable. The operating system on NM-CIDS must be shut down in an orderly fashion before it is removed.
This section contains the following topics:
•Required Tools
•Installing NM-CIDS
•Removing NM-CIDS
•Blank Network Module Panels
Required Tools
You need the following tools and equipment to install NM-CIDS in a Cisco modular router chassis slot:
•#1 Phillips screwdriver or small flat-blade screwdriver
•ESD-preventive wrist strap
•Tape for DC circuit breaker handle
Installing NM-CIDS
This section describes how to install NM-CIDS offline and using OIR support, and contains the following topics:
•Installing NM-CIDS Offline
•Installing NM-CIDS Using OIR Support
Installing NM-CIDS Offline
You can install NM-CIDS in the chassis either before or after mounting the router, whichever is more convenient.
Warning Only trained and qualified personnel should be allowed to install or replace this equipment. To see translations of the warnings that appear in this publication, refer to the Regulatory Compliance and Safety Information document that accompanied this device.
Caution ESD can damage equipment and impair electrical circuitry. Always follow ESD prevention procedures when removing and replacing cards. For more information, see Site and Safety Guidelines.
To install NM-CIDS, follow these steps:
Step 1 Turn OFF electrical power to the router.
To channel ESD voltages to ground, do not unplug the power cable.
Step 2 Remove all network interface cables, including telephone cables, from the back panel. The following warning applies to routers that use a DC power supply:
Warning Before performing any of the following procedures, ensure that power is removed from the DC circuit. To ensure that all power is OFF, locate the circuit breaker on the panel board that services the DC circuit, switch the circuit breaker to the OFF position, and tape the switch handle of the circuit breaker in the OFF position.
Step 3 Using either a #1 Phillips screwdriver or a small flat-blade screwdriver, remove the blank filler panel from the chassis slot where you plan to install NM-CIDS.
Save the blank panel for future use.
Step 4 Align NM-CIDS with the guides in the chassis and slide it gently into the slot.
Step 5 Push NM-CIDS into place until you feel its edge connector mate securely with the connector on the motherboard.
Step 6 Fasten the captive mounting screws of NM-CIDS into the holes in the chassis, using a Phillips or flat-blade screwdriver.
Step 7 If the router was previously running, reinstall the network interface cables and turn ON power to the router.
The following warning applies to routers that use a DC power supply:
Warning After wiring the DC power supply, remove the tape from the circuit breaker switch handle and reinstate power by moving the handle of the circuit breaker to the ON position.
Step 8 Connect the command and control port to a hub or switch.
Step 9 Check that NM-CIDS indicators light up, and that the Active/Ready indicators on the front panel also light up.
Step 10 Initialize NM-CIDS.
For the procedure, see Initializing the Sensor.
Step 11 Upgrade NM-CIDS to the most recent Cisco software.
For the procedure, see Obtaining Cisco IPS Software.
You are now ready to configure intrusion detection on NM-CIDS.
For More Information
•For the procedure for using HTTPS to log in to IDM, refer to Logging In to IDM.
•For the procedures for configuring intrusion prevention on your sensor, refer to the following documents:
–Installing and Using Cisco Intrusion Prevention System Device Manager 5.0
–Configuring the Cisco Intrusion Prevention System Sensor Using the Command Line Interface 5.0
Installing NM-CIDS Using OIR Support
To install NM-CIDS using OIR support, follow these steps:
Step 1 Align NM-CIDS with the guides in the chassis slot and slide it gently into the slot.
Step 2 Push NM-CIDS into place until you feel its edge connector mate securely with the connector on the backplane.
Step 3 Tighten the two captive screws on the faceplate.
Step 4 Connect the command and control port to a hub or switch.
Step 5 Verify that NM-CIDS indicators light up, and that the Active/Ready indicators on the front panel also light up.
Step 6 Initialize NM-CIDS.
For the procedure, see Initializing the Sensor.
Step 7 Upgrade NM-CIDS to the most recent Cisco software.
For the procedure, see Obtaining Cisco IPS Software.
You are now ready to configure intrusion detection on NM-CIDS.
For More Information
•For the procedure for using HTTPS to log in to IDM, refer to Logging In to IDM.
•For the procedures for configuring intrusion prevention on your sensor, refer to the following documents:
–Installing and Using Cisco Intrusion Prevention System Device Manager 5.0
–Configuring the Cisco Intrusion Prevention System Sensor Using the Command Line Interface 5.0
Removing NM-CIDS
This section describes how to remove NM-CIDS offline or using OIR support, and contains the following topics:
•Removing NM-CIDS Offline
•Removing NM-CIDS Using OIR Support
Removing NM-CIDS Offline
You must turn off all power to the router before removing NM-CIDS.
To remove NM-CIDS from the router chassis, follow these steps:
Step 1 Prepare NM-CIDS to be powered off:
router# service-module IDS-Sensor slot_number/0 shutdown
Trying 10.10.10.1, 2129 ... Open
Wait for the shutdown message before continuing with Step 2:
%SERVICEMODULE-5-SHUTDOWN2:Service module IDS-Sensor1/0 shutdown complete
Step 2 Turn OFF electrical power to the router.
To channel ESD voltages to ground, do not unplug the power cable.
Step 3 Unplug the command and control network interface cable from NM-CIDS.
Step 4 Loosen the two captive screws holding NM-CIDS in the chassis slot.
Step 5 Slide NM-CIDS out of the slot.
Note Either install a replacement NM-CIDS (for the procedure, see Installing NM-CIDS Offline) or install a blank panel (for the procedure, see Blank Network Module Panels).
Removing NM-CIDS Using OIR Support
Caution Cisco 3660 and Cisco 3700 series routers support OIR with similar modules only. If you remove an NM-CIDS, install another NM-CIDS in its place.
To remove NM-CIDS with OIR support, follow these steps:
Step 1 Prepare NM-CIDS to be powered off:
router# service-module IDS-Sensor slot_number/0 shutdown
Trying 10.10.10.1, 2129 ... Open
Wait for the shutdown message before continuing with Step 2:
%SERVICEMODULE-5-SHUTDOWN2:Service module IDS-Sensor1/0 shutdown complete
Step 2 Unplug the command and control network interface cable from NM-CIDS.
Step 3 Loosen the two captive screws holding NM-CIDS in the chassis slot.
Step 4 Slide NM-CIDS out of the slot.
Note Either install a replacement NM-CIDS (for the procedure, see Installing NM-CIDS Using OIR Support), or install a blank panel (for the procedure, see Blank Network Module Panels).
Blank Network Module Panels
If the router is not fully configured with network modules, make sure that blank panels fill the unoccupied chassis slots to provide proper airflow as shown in Figure 8-3.
Figure 8-3 Blank Network Module Panel