1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Catalyst 6500 Series IDSM-2 Service Module for the Catalyst 6500 Chassis Features, Management, Pricing & Comparisons to IDSM-1 Ver 17 Jay Bazzinotti Product Manager April, 2003 IDSM-2

222 © 2001, Cisco Systems, Inc. All rights reserved. Presentation_ID IDSM-2 Module for the Catalyst 6500 Chassis Catalyst-integrated security module delivering full-featured intrusion protection Industry-exclusive product providing high speed threat protection Promiscuous operation with no impact on Catalyst performance or reliability Common code base for consistent features and signature updates Enhanced management simplifying deployment

333 © 2001, Cisco Systems, Inc. All rights reserved. Presentation_ID IDSM Modules IDSM-1IDSM-2 Performance120Mbps600Mbps* OrderableNowFebruary 2003 AvailabilityNowMarch 2003 Part NumberWS-X6381-IDS, or WS- X6381-IDS= WS-SVC-IDS2-BUN-K9, or WS-SVC-IDS2BUNK9= UgradeableNo (swap only to IDSM-2) No Code Base3.0.5 (last feature release) 4.0 (first feature release) List Price*$14,995$29,995 Covered by Chassis Service Pricing YesNo, pricing separate (see later in preso) * 600Mbps using 450 byte HTTP packets, with 4000 new TCP cps and 500K concurrent connections at 100% alarm rate Catalyst 6500 Series IDSM-1 EOS on April 21, We are no longer taking orders

444 © 2001, Cisco Systems, Inc. All rights reserved. Presentation_ID IDSM Features Supported IDSM-1IDSM-2 SPAN/RSPANYes VACL CaptureYes ShunningYes IEVYesYes IDMNoYes TCP ResetsNoYes IP LoggingNoYes CLINoYes Signature Micro EnginesNoYes Same Code as AppliancesNoYes Fabric EnabledNoYes Event retrieval methodPostOffice (push)RDEP (pull) Performance120Mbps600Mbps Slot Size (form factor)1 RU Local Event Store100,000 EventsNot accessible, retrieved

555 © 2001, Cisco Systems, Inc. All rights reserved. Presentation_ID IDSM-2 Service Pricing ProductService P/nSNTSNTESNTPOSOSEOSP WS-SVC-IDS2-K9 CON-XXX-WS- IDSM2-K9 $2,000$2,899$3,199$2,500$3,624$3,999 Service modules will no longer be covered by the chassis These are the annual service price charges per module Service Pricing DOES NOT apply to IDSM-1! SNT = 8 X 5 X Next Business Day SNTE = 8 X 5 X 4 Hour service SNTP = 24 X 7 X 4 Hour service OS = 8 X 5 X Next Business Day service Onsite OSE = 8 X 5 X 4 Hour service Onsite OSP = 24 X 7 X 4 Hour service Onsite Service Key: Appliance Service Pricing

666 © 2001, Cisco Systems, Inc. All rights reserved. Presentation_ID IDSM Supervisor OS Version Support IDSM-1 (120M) IDSM-2 (600M) Cat OS/Hybrid 6.1(1)7.6(1) Apr ‘03 Native (IOS) (first) 12.1(8a)EX12.1(19)E May ‘03 Supervisor IDSM-2 Catalyst 6503 Note: A special IOS release 12.2(14)SY will be available in mid-April to support all mods but CSM and SSL 7.5(1) will work on the IDSM-2 but there is a PSIRT – use 7.6(1)

777 © 2001, Cisco Systems, Inc. All rights reserved. Presentation_ID Service Module Interoperability FWSMNAM-1/2IDSM-2VPNSM FCSNov ‘02Aug ‘02May ‘03Dec ‘03 1 st IOS12.1(13)E 12.1(19)E (May) Tetons 1 st CAT OS 7.5(1)7.3(1)7.6(1) (now) Kissimee 7.7(1) Interop- erability NAMNAM+ FWSMNAM+FWSM+ IDSM- 2+SSL+CSM NAM+FWSM+ IDSM- 2+VPNSM Available Now Mar ’032H CY ‘03 Recommended to Use Supervisor 2 MSFC2 for Best Results Note: A special IOS release 12.2(14)SY will be available in mid-April to support all mods but CSM and SSL

888 © 2001, Cisco Systems, Inc. All rights reserved. Presentation_ID IDSM-2 Supervisor Support SupervisorCAT OS/Hybrid (7.5(1)) Native (IOS) 12.1(19)E Sup1 No Support Sup1A ApprovedNo Support Sup1A/PFC ApprovedNo Support Sup1A/MSFC1 No SupportApproved Sup1A/MSFC2 ApprovedNot Tested Sup2 ApprovedNot Tested Sup2/MSFC2 Approved Rank of installed base: 1) Sup1A; 2) Sup1A/MSFC1; 3) Sup1A/MSFC2; 4) Sup2/MSFC2 IOS 12.2(14)SY supports only Sup 2 Msfc 2

999 © 2001, Cisco Systems, Inc. All rights reserved. Presentation_ID IDSM Management Techniques * Requires download from CCO to get R1.1 IDSM-1IDSM-2PriceLocationRevisionUsers/ Devices IDM (config) No Support YesIncludedOn module browser4.01 device IEV (monitor) Yes IncludedLoaded on W2K device/includes MySQL database 4.03 devices VMS Yes $8,000+Separate Bundle with Management Center (MC) and Security Monitor 2.1 includes IDSMC and Sec Mon R1.0* 20 users SNMP No N/A Post-4.0 feature N/A Unix Director YesNo$5000HP Openview (Solaris in ~Jun ’03) 3.5No limit CSPM YesNo$2000 (EOS) Win NT, config, monitoring, alarm monitor, notification 2.3.3iMultiple

10 © 2001, Cisco Systems, Inc. All rights reserved. Presentation_ID IDSM-2 Third Party Support & Misc Monitoring - Netforensics - Tivoli - Red Siren Configuration - No one yet… No limit to number of modules in chassis No limit to number of VLANs Increasing number of VLANs for IDS has no impact on CAT performance MPLS is not supported

11 © 2001, Cisco Systems, Inc. All rights reserved. Presentation_ID Switch Sensor Catalyst 6500 IDS Module (IDSM-2) Key Features 5x performance of IDSM-1 Lock-Step code and sig updates with standalone units (Release 4.0) Supports TCP Resets Supports CLI Supports IP Logging Supports VACL Capture, SPAN/RSPAN/ERSPAN Integrated with IDM/IEV NTP IDSM-2

12 © 2001, Cisco Systems, Inc. All rights reserved. Presentation_ID IDSM-1 to IDSM-2 Upgrade Program Customers with IDSM-1 can upgrade to IDSM-2 by swap under an aggressive trade-in program Program Details – Standard customer discount off IDSM-2 – Then take $10,000 off the result – Final number is customer price – Customer MUST return IDSM-1 (cannot be redeployed) – Program ends December, 2003 – Cannot be combined with other IDSM-2 promotions IDSM-1 IDSM-2

13 © 2001, Cisco Systems, Inc. All rights reserved. Presentation_ID Reasons to Upgrade from IDSM-1 Performance - IDSM-2 proves 5x performance uplift Same code as Appliance reducing dev time, training, implementation, lock step sig updates IDSM-1 EOS April, R4.0 and beyond cannot run on IDSM-1, it is locked at R3.0.5 so no advanced feature development is possible New management capabilities such as IDM and MC do not support IDSM-1 and will not support it Many new features supported in IDSM-2 such as CLI, SME, Fabric, RDEP, TCP Resets, more