Cisco Systems IPS4520K9, IPS4510K9 User Manual 2

Contents

CHAP T E R

7

Installing the IPS 4510 and IPS 4520

This chapter describes the Cisco IPS 4510 and IPS 4520, and includes the following sections:

• Installation Notes and Caveats, page 7-1

• Product Overview, page 7-2

• Chassis Features, page 7-3

• Specifications, page 7-9

• Accessories, page 7-10

• Memory Configurations, page 7-11

• Power Supply Module Requirements, page 7-11

• Supported SFP/SFP+ Modules, page 7-11

• Installing the IPS 4510 and IPS 4520, page 7-12

• Removing and Installing the Core IPS SSP, page 7-15

• Removing and Installing the Power Supply Module, page 7-17

• Removing and Installing the Fan Module, page 7-19

• Installing the Slide Rail Kit Hardware, page 7-20

• Installing and Removing the Slide Rail Kit, page 7-21

• Rack-Mounting the Chassis Using the Fixed Rack Mount, page 7-30

• Installing the Cable Management Brackets, page 7-33

• Troubleshooting Loose Connections, page 7-34

• IPS 4500 Series Sensors and the SwitchApp, page 7-35

Installation Notes and Caveats

Pay attention to the following installation notes and caveats before installing the IPS 4510 and IPS 4520.

Note Read through the entire guide before beginning any of the installation procedures.

OL-24002-01

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

7-1

Product Overview

Chapter 7 Installing the IPS 4510 and IPS 4520

Warning

Caution Read the safety warnings in the Regulatory Compliance and Safety Information for the Cisco Intrusion

Only trained and qualified personnel should install, replace, or service this equipment.

Prevention System 4500 Series Sensor Appliance document and follow proper safety procedures when
performing the steps in this guide.

Product Overview

The IPS 4510 delivers 3Gbps of intrusion prevention performance based on real world deployment
traffic patterns. You can use the IPS 4510 to protect multi-Gbps aggregated traffic traversing switches
from multiple subnets and for medium sized data centers. The IPS 4510 is a purpose-built device that
has support for both copper and fiber NIC environments thus providing flexibility of deployment in any
environment. Based on the ASA 5585-X chassis, the IPS 4510 provides a proven hardware environment
for stand-alone IPS protection. It ships with one power supply module, but optional redundant,
hot-swappable power supply modules are available as well as hot-swappable fan modules in case of
failures. All port numbers are numbered from right to left beginning with 0. This platform replaces the
IPS 4270-20.

The IPS 4520 delivers 5 Gbps of intrusion prevention performance. You can use the IPS 4520 to protect
multi-Gigabit networks and aggregated traffic traversing switches from multiple subnets. The IPS 4520
is a purpose-built device that has support for both copper and fiber NIC environments thus providing
flexibility of deployment in any environment. The IPS 4520 ships with two power supply modules, but
optional redundant, hot-swappable power supply modules are available as well as hot-swappable fan
modules in case of failures. All port numbers are numbered from right to left beginning with 0. It is also
based on the ASA 5585-X chassis.

Both the IPS 4510 and IPS 4520 have a console port, an auxiliary port, two 1 Gb (copper) management
ports, and a total of 10 data ports—6 GigabitEthernet copper ports and 4 SFP/SFP+ module (1 or 10 Gb)
ports.

Statement 49

7-2

Note The management ports are Management 0/0 and Management 0/1. Management 0/1 is reserved for future

use.

Note Online insertion and removal (OIR) of the SFP/SFP+ module, power supply module, and fan module is

supported.

Caution If you remove a power supply or fan module, replace it immediately to prevent disruption of service.

IDM

The IPS 4510 and IPS 4520 support the Intrusion Prevention System Device Manager (IDM) 7.1.4 and
later. IDM delivers security management and monitoring through an intuitive, easy-to-use web-based
management interface. IDM is a Java Web Start application that enables you to configure and manage
your IPS 4510 and IPS 4520. IDM is bundled with IPS 7.1. You can access it through Internet Explorer
or Firefox web browsers.

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

OL-24002-01

Chapter 7 Installing the IPS 4510 and IPS 4520

IME

The Intrusion Prevention System Manager Express (IME) 7.2.3 and later also support the IPS 4510 and
IPS 4520. IME is a network management application that provides system health, events, and
collaboration monitoring in addition to reporting and configuration for up to ten sensors. IME monitors
sensor health using customizable dashboards and provides security alerts through RSS feed integration
from the Cisco Security Intelligence Operations site. It monitors global correlation data, which you can
view in events and reports. It monitors events and lets you sort views by filtering, grouping, and
colorization. IME also supports tools such, as ping, trace route, DNS lookup, and whois lookup for
selected events. It contains a flexible reporting network. It embeds the IDM configuration component to
allow for a seamless integration between the monitoring and configuration of IPS devices. Within IME
you can set up your sensors, configure policies, monitor IPS events, and generate reports. IME works in
single application mode—the entire application is installed on one system and you manage everything
from that system.

Chassis Features

This section describes the IPS 4510 and IPS 4520 chassis features and indicators. Figure 7-1 shows the
grounding lug on the left side of the chassis (when facing the front of the chassis).

Chassis Features

Figure 7-1 IIPS 4510 and IPS 4520 Side Chassis View

1 Grounding lug

OL-24002-01

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

7-3

Chassis Features

PWR

BOOT

ALARM

ACT

VPN

PS1

HDD1

PS0

HDD0

USB

RESET

0

7

6

1012345

MGMT

0

1

AUX CONSOLE

9

8

SFP/SFP+

Cisco ASA 5585-X IPS SSP

Cisco IPS 4520

21 3 4 7 8 9 10 11 12 13 14 15

331672

15 6

Chapter 7 Installing the IPS 4510 and IPS 4520

Figure 7-2 shows the front view of the IPS 4510 and IPS 4520.

Figure 7-2 IPS 4510 and IPS 4520 Front Panel Features

1 Removal screws 2 Reserved bays for hard disk drives

3 TenGigabitEthernet 0/9

(1-Gb and 10-Gb fiber SFP/SFP+ modules)

5 TenGigabitEthernet 0/7

(1-Gb and 10-Gb fiber SFP/SFP+ modules)

7 GigabitEthernet 0/0 through 0/5

(from right to left, 1-Gb copper RJ45)

9 Management 0/0

4 TenGigabitEthernet 0/8

(1-Gb and 10-Gb fiber SFP/SFP+ modules)

6 TenGigabitEthernet 0/6

(1-Gb and 10-Gb fiber SFP/SFP+ modules)

8 Management 0/1

2

(GigabitEthernet RJ45)

10 USB port

(GigabitEthernet RJ45)

11 USB port 12 Front panel indicators

13 Auxiliary port (RJ45) 14 Console port (RJ45)

15 Reset

1. Hard disk drives are not supported at this time. The hard disk drive bays are empty.

2. Reserved for future use.

3. Reserved for future use.

3

1

7-4

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

OL-24002-01

Chapter 7 Installing the IPS 4510 and IPS 4520

PWR

BOOT

ALARM

ACT

VPN

PS1

HDD1

PS0

HDD0

USB

0

1

AUX CONSOLE

PWR

BOOT

ALARM

ACT

VPN

PS1

HDD1

PS0

HDD0

USB

0

1

AUX CONSOLE

253904

1

2

3

4

5

6

7

8

9

Figure 7-3 shows the front panel indicators.

Figure 7-3 Front Panel Indicators

1 PWR 2 BOOT

3 ALARM 4 ACT

5 VPN

2

7 PS0 8 HDD1

9 HDD2

1. Not supported at this time.

2. Not supported at this time.

3. Not supported at this time.

4. Not supported at this time.

4

Chassis Features

1

6 PS1

3

OL-24002-01

Table 7-1 describes the front panel indicators on the IPS 4510 and IPS 4520.

Table 7-1 Front Panel Indicators

Indicator Description

PWR Indicates whether the system is off or on:

• Off—No power.

• Green—System has power.

BOOT Indicates how the power-up diagnostics are proceeding:

• Flashing green—Power-up diagnostics are running or the system is booting.

• Green—System has passed power-up diagnostics.

• Amber—Power-up diagnostics failed.

ALARM Indicates whether a component has failed:

• Off—No alarm.

• Flashing yellow—Critical alarm.

Major failure of hardware component or software module, temperature over
the limit, power out of tolerance, or OIR is ready to remove the module.

ACT Not supported at this time.

VPN Not supported at this time.

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

1

7-5

Chassis Features

Chapter 7 Installing the IPS 4510 and IPS 4520

Table 7-1 Front Panel Indicators (continued)

Indicator Description

PS1 Indicates the state of the power supply module installed on the right when facing

the back panel:

• Off—No power supply module present or no AC input.

• Green—Power supply module present, on, and good.

• Amber—Power or fan module off or failed.

PS0 Indicates the state of the power module installed on the left when facing the back

panel:

• Off—No power supply module present or no AC input.

• Green—Power supply module present, on, and good.

• Amber—Power or fan module off or failed.

2

HDD1

HDD2

3

Indicates activity on the hard disk drive:

• Off—No hard disk drive present.

• Flashing green—Hard disk drive activity.

• Amber—Hard disk drive failure.

Indicates activity on the hard disk drive:

• Off—No hard disk drive present.

• Flashing green—Hard disk drive activity.

• Amber—Hard disk drive failure.

1. OIR is not available at this time.

2. The hard disk drive bays are reserved for future use.

3. The hard disk drive bays are reserved for future use.

7-6

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

OL-24002-01

Chapter 7 Installing the IPS 4510 and IPS 4520

Cisco ASA 1200W AC

100-240V

15.0/8.0.A
56/60Hz

IN

OK

FAN

OK

OUT

FAIL

Cisco-ASA-FAN

2

4

3

5

6 2

1 7

8

Figure 7-4 shows the back panel features.

Figure 7-4 Back Panel Features

Chassis Features

1 Power supply module (corresponds to

PS1 indicator)

2 Power supply module/fan module removal

screws

3 Power supply module plug 4 Toggle On/Off switch for power supply module

5 Power supply module indicators 6 Power supply module or fan module handle

7 Fan module 8 Fan module indicator

Figure 7-5 shows the power supply module indicators.

Figure 7-5 Power Supply Module Indicators

Cisco ASA 1200W AC

100-240V

15.0/8.0.A
56/60Hz

IN

OK

FAN

OK

OUT

FAIL

253905

1 2 3

1 IN OK 2 FAN OK

3 OUT FAIL

OL-24002-01

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

7-7

Chassis Features

Chapter 7 Installing the IPS 4510 and IPS 4520

Table 7-2 describes the power supply module and fan module indicators.

Table 7-2 Power Supply Module and Fan Module Indicators

Indicator Description

IN OK Indicates status of power supply module:

• Off—No AC power cord connected or AC

power switch off.

• Green—AC power cord connected and AC

power switch on.

FAN OK Indicates status of fan module

• Off—Fan module failure or AC power switch

off.

• Green—AC power cord connected, AC power

switch on, and internal fan is running.

OUT FAIL

1. The power supply module has three output voltages—3.3V, 12V, and 50V.

• Red—Output voltage failure

1

Table 7-3 describes the Ethernet port indicators.

Table 7-3 Ethernet Port Indicators

Indicator Description

Gigabit Ethernet (RJ45)

• Left side:

–

Green—Physical activity

–

Flashing green—Network activity

• Right side:

–

Not lit—10 Mbps

–

Green—100 Mbps

–

Amber—1000 Mbps

7-8

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

OL-24002-01

Chapter 7 Installing the IPS 4510 and IPS 4520

Table 7-3 Ethernet Port Indicators (continued)

Indicator Description

10-Gigabit Ethernet Fiber
(SFP+)/1-Gigabit Ethernet Fiber
(SFP)

Management port

• Left side:

–

Off—No 10-Gigabit Ethernet physical link

–

Green—10-Gigabit Ethernet physical link

–

Flashing green1—Network activity

• Right side:

–

Off—No 1-Gigabit Ethernet physical link

–

Green—1-Gigabit Ethernet physical link

–

Flashing green1—Network activity

• Left side:

–

Green—Physical activity

–

Flashing green—Network activity

• Right side:

–

Not lit—10 Mbps

–

Green—100 Mbps

Specifications

1. Flashing is in proportion to the percentage of number of packets or bytes received.

Specifications

Table 7-4 lists the specifications for the IPS 4510 and IPS 4520.

Table 7-4 IPS 4510 and IPS 4520 Specifications

Dimensions and Weight

Height 3.47 in (8.8 cm)

Width 19 in (48.3 cm)

Depth 26.5 in (67.3 cm)

Weight 50 lb (22.7 kg)

Form factor 2 RU, standard 19-inch rack-mountable

Power

Rated input voltage
(per power supply module)

Rated input frequency 50 to 60 Hz

Rated input power 1465W @ 100 VAC

Rated input current 12A (100 VAC)

–

Amber—1000 Mbps

100 to 127 VAC
200 to 240 VAC

1465W @ 200 VAC

8A (200 VAC)

OL-24002-01

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

7-9

Accessories

Chapter 7 Installing the IPS 4510 and IPS 4520

Table 7-4 IPS 4510 and IPS 4520 Specifications (continued)

Maximum heat dissipation 3960 BTU/hr (100 VAC)

5450 BTU/hr (200 VAC)

Power supply output steady state

1200W

Maximum peak

Environment

Temperature Operating 32°F to 104°F (0°C to 40°C)

Airflow Front to back

Relative humidity
(noncondensing)

Altitude Operating 0 to 3000 ft (9843 ft)

Shock Operating Half-sine 2 G, 11 ms pulse, 100 pulses

Vibration 2.2 Grms, 10 minutes per axis on all three axes

Noise 65 dBa max

Accessories

The contents of the sensor packing box contains the following items you need to install the sensor:

1200W

Nonoperating -40°F to 158°F (-40°C to 70°C)

Operating 10% to 90%
Nonoperating 5% to 95%

Nonoperating 0 to 4570 ft (15,000 ft)

Nonoperating 15 G, 170 in/sec delta V

• Sensor chassis

• Documentation

• 2 Yellow Ethernet cables

• Blue console cable PC terminal adapter

7-10

• Power cable 120V

Note The IPS 4510 ships with one power supply module installed and one power cable. The IPS

4520, ships with two power supply modules installed and two power cables.

• Screws

• Cable management brackets

• Front and rear rack-mount brackets

• Slide rail kit hardware

• Slide rail kit

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

OL-24002-01

Chapter 7 Installing the IPS 4510 and IPS 4520

Memory Configurations

The IPS 4510 and IPS 4520 have up to 6 DIMM modules per CPU. DIMM population is
platform-dependent. Tabl e 7 - 5 shows the memory configurations.

Table 7-5 Memory Configurations

Model Memory

IPS 4510 24-GB DRAM

IPS 4520 48-GB DRAM

Power Supply Module Requirements

Table 7-6 lists the power supply module requirements.

Table 7-6 Power Supply Module Requirements

Memory Configurations

Output Voltage

Maximum 52.0 V 12.2. V 3.45 V

Nominal 50.0 V 12.0 V 3.35 V

Minimum 48.0 V 11.8 V 3.25 V

Output Current @ 200 VAC

Maximum 17.3 A 27.0 A 1.5 A

Minimum 0 0 0

Output Current @ 100 VAC

Maximum 17.3 A 27.0 A 1.5 A

Minimum 0 0 0

Note The IPS 4520 requires two power supply modules.

Supported SFP/SFP+ Modules

The SFP/SFP+ module is a hot-swappable input/output device that plugs into the SFP/SFP+ ports and
provides Gigabit Ethernet connectivity. The SFP and SFP+ modules are optional and not included with
the IPS 4510 and IPS 4520. You can purchase them separately. For 1 Gb, you need SFP. For 10Gb, you
need SFP+. The interfaces are called TenGigabitEthernet 0/x whether they are 10 Gb-enabled or not.

50 V 12 V 3.3 V_STBY

OL-24002-01

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

7-11