130 likes | 143 Views
Explore the features, management techniques, and pricing details of the Catalyst 6500 IDSM-2 service module. Learn about the upgrade program from IDSM-1 to IDSM-2 and the reasons to upgrade. Discover the benefits of enhanced intrusion protection and high-speed threat protection.
E N D
Catalyst 6500 Series IDSM-2 Service Module for the Catalyst 6500 Chassis Features, Management, Pricing & Comparisons to IDSM-1 Ver 17 Jay Bazzinotti Product Manager April, 2003 IDSM-2
IDSM-2 Module for the Catalyst 6500 Chassis • Catalyst-integrated security module delivering full-featured intrusion protection • Industry-exclusive product providing high speed threat protection • Promiscuous operation with no impact on Catalyst performance or reliability • Common code base for consistent features and signature updates • Enhanced management simplifying deployment
Catalyst 6500 Series IDSM Modules * 600Mbps using 450 byte HTTP packets, with 4000 new TCP cps and 500K concurrent connections at100% alarm rate IDSM-1 EOS on April 21, 2003. We are no longer taking orders
ApplianceServicePricing Service Key: SNT = 8 X 5 X Next Business Day SNTE = 8 X 5 X 4 Hour service SNTP = 24 X 7 X 4 Hour service OS = 8 X 5 X Next Business Day service Onsite OSE = 8 X 5 X 4 Hour service Onsite OSP = 24 X 7 X 4 Hour service Onsite IDSM-2 Service Pricing • Service modules will no longer be covered by the chassis • These are the annual service price charges per module • Service Pricing DOES NOT apply to IDSM-1!
IDSM Supervisor OS Version Support Note: A special IOS release 12.2(14)SY will be available in mid-April to support all mods but CSM and SSL 7.5(1) will work on the IDSM-2 but there is a PSIRT – use 7.6(1) Supervisor IDSM-2 Catalyst 6503
Service Module Interoperability Recommended to Use Supervisor 2 MSFC2 for Best Results Note: A special IOS release 12.2(14)SY will be available in mid-April to support all mods but CSM and SSL
IDSM-2 Supervisor Support Rank of installed base: 1) Sup1A; 2) Sup1A/MSFC1; 3) Sup1A/MSFC2; 4) Sup2/MSFC2 IOS 12.2(14)SY supports only Sup 2 Msfc 2
IDSM-2 Third Party Support & Misc • Monitoring - Netforensics - Tivoli - Red Siren • Configuration - No one yet… • No limit to number of modules in chassis • No limit to number of VLANs • Increasing number of VLANs for IDS has no impact on CAT performance • MPLS is not supported
Switch SensorCatalyst 6500 IDS Module (IDSM-2) IDSM-2 • Key Features • 5x performance of IDSM-1 • Lock-Step code and sig updates with standalone units (Release 4.0) • Supports TCP Resets • Supports CLI • Supports IP Logging • Supports VACL Capture, SPAN/RSPAN/ERSPAN • Integrated with IDM/IEV • NTP
IDSM-1 to IDSM-2 Upgrade Program IDSM-1 • IDSM-1 to IDSM-2 Upgrade Program Customers with IDSM-1 can upgrade to IDSM-2 by swap under an aggressive trade-in program • Program Details • Standard customer discount off IDSM-2 • Then take $10,000 off the result • Final number is customer price • Customer MUST return IDSM-1 (cannot be redeployed) • Program ends December, 2003 • Cannot be combined with other IDSM-2 promotions IDSM-2
Reasons to Upgrade from IDSM-1 • Performance - IDSM-2 proves 5x performance uplift • Same code as Appliance reducing dev time, training, implementation, lock step sig updates • IDSM-1 EOS April, 21 2003 • R4.0 and beyond cannot run on IDSM-1, it is locked at R3.0.5 so no advanced feature development is possible • New management capabilities such as IDM and MC do not support IDSM-1 and will not support it • Many new features supported in IDSM-2 such as CLI, SME, Fabric, RDEP, TCP Resets, more