Guest

Cisco IPS 4200 Series Sensors

Cisco 4240-DC Intrusion Prevention Sensor

Hierarchical Navigation

Downloads

PRODUCT BULLETIN NO. 3048

The Cisco® IPS 4240-DC is a purpose-built intrusion prevention sensor that augments Cisco's market-leading line of intrusion detection and prevention system appliances, delivering the industry's best price/performance marks while achieving high levels of reliability (Figure 1). The Cisco IPS 4240-DC is based on the IPS 4240 platform but introduces unique features, such as support for DC power and compliance with NEBS (Network Equipment Building Systems) Level 3 guidelines. This allows the IPS 4240-DC to be deployed in environments that have specific requirements pertaining to NEBS Level 3 compliance.

The Cisco IPS 4240-DC helps decrease total cost of ownership by supporting a high port density that allows coverage of multiple network subnets using a single appliance. The sleek one-rack-unit design supports four monitoring interfaces. With support for features delivered by Cisco IPS Sensor Software Version 5.0, the Cisco IPS 4240-DC delivers a rich set of attack identification capabilities. The Cisco IPS 4240-DC enhances the effectiveness of IDS/IPS deployments by using Cisco's Accurate Prevention Technologies to reduce false alarms. As a network integrated solution, the Cisco IPS 4240-DC can be deployed at strategic segments of the network to accurately detect and stop worms and viruses, helping to ensure business continuity.

Figure 1. The Cisco IPS 4240-DC Sensor

Table 1 lists some features of the Cisco IPS 4240-DC appliance.

Table 1. Features Table

Feature

Description
Performance

250 Mbps
Form Factor

1 RU
Onboard Monitoring Interfaces

Four 10/100/1000BASE-T
Management Interface

One 10/100BASE-T

NEW FEATURES

New features of the Cisco IPS 4240-DC include:

• NEBS Level 3 Compliance

• Support for DC power

• Effective worm and virus mitigation through inline intrusion prevention capabilities*

• Purpose-built, high-performance IPS appliance featuring reduced weight and dimensions

• Dual-mode intrusion detection and prevention settings that allow the deployment of a single unit to simultaneously deliver both promiscuous-based IDS and inline IPS operations

• Multi-network interface card (NIC) support, with four on-board monitoring interfaces

• Copper interfaces

• ROMMON/Trivial File Transfer Protocol (TFTP)-based quick sensor imaging

• Increased reliability through diskless architecture and the support of flash memory

• Optimized power consumption through the incorporation of multiple thermal zones and the delivery of heat-sensitive fans

• Enhancement of high-availability IPS deployments through the delivery of automated sensor bypass mechanisms

• A highly scalable and resilient architecture using Cisco EtherChannel® load-balancing capabilities on Cisco Catalyst® switches

• Multiple automated response actions, including packet drops*, connection termination, and access control list (ACL) blocking on routers, switches, and firewalls

• Improved reliability of inline IPS packet drop actions by using risk ratings to accurately qualify the fidelity of events*

• False alarm reduction through enhanced on-box correlation, using the Meta Event Generator (MEG)

• Application inspection technologies, for enforcement of policy decisions based on content detected at the application layer*

• Advanced voice over IP (VoIP) engine that detects and stops threats in VoIP environments*

• Support for packet inspection in MPLS environments

• VLAN-based load sharing through the support of 802.1q

• Embedded management and monitoring options that support encrypted communications

• Support for ICSA's standards-based Security Device Event Exchange (SDEE) communications protocol*

UPGRADE PATHS

The Cisco IPS 4240-DC sensor is a functional replacement for the Cisco IDS 4235 sensor. Customers can use the Cisco Technology Migration Plan (TMP) to trade in products and receive credit toward the purchase of new Cisco equipment. For more information about Cisco TMP, visit: http://www.cisco.com/go/tradein/

AVAILABILITY

The Cisco IPS 4240-DC is orderable. Table 2 lists ordering information for the Cisco IPS 4240-DC.

ORDERING INFORMATION

Table 2. Ordering Information for the Cisco IPS 4240-DC

Part Number

Description
IPS-4240-DC-K9

Cisco IPS 4240-DC Sensor; includes chassis, software, Secure Shell Protocol (SSH), and four 10/100/1000BASE-T interfaces with RJ-45 connector

FOR MORE INFORMATION

For more information about the Cisco IPS 4240-DC, contact your local Cisco account representative, or visit: http://www.cisco.com/go/ips
* Requires Cisco IPS Sensor Software Version 5.0
Text Box: Corporate HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel: 408 526-4000 800 553-NETS (6387)Fax: 408 526-4100 European HeadquartersCisco Systems International BVHaarlerbergparkHaarlerbergweg 13-191101 CH AmsterdamThe Netherlandswww-europe.cisco.comTel: 31 0 20 357 1000Fax: 31 0 20 357 1100 Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel: 408 526-7660Fax: 408 527-0883 Asia Pacific HeadquartersCisco Systems, Inc.168 Robinson Road#28-01 Capital TowerSingapore 068912www.cisco.comTel: +65 6317 7777Fax: +65 6317 7799Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed onthe Cisco Website at www.cisco.com/go/offices.Argentina · Australia · Austria · Belgium · Brazil · Bulgaria · Canada · Chile · China PRC · Colombia · Costa Rica · Croatia · Cyprus Czech Republic · Denmark · Dubai, UAE · Finland · France · Germany · Greece · Hong Kong SAR · Hungary · India · Indonesia · Ireland · Israel Italy · Japan · Korea · Luxembourg · Malaysia · Mexico · The Netherlands · New Zealand · Norway · Peru · Philippines · Poland · Portugal Puerto Rico · Romania · Russia · Saudi Arabia · Scotland · Singapore · Slovakia · Slovenia · South Africa · Spain · Sweden · Switzerland · Taiwan Thailand · Turkey · Ukraine · United Kingdom · United States · Venezuela · Vietnam · ZimbabweCopyright 2005 Cisco Systems, Inc. All rights reserved. CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0502R) 204148.M_ETMG_KL_8.05Printed in the USA Text Box: Corporate HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel: 408 526-4000 800 553-NETS (6387)Fax: 408 526-4100 European HeadquartersCisco Systems International BVHaarlerbergparkHaarlerbergweg 13-191101 CH AmsterdamThe Netherlandswww-europe.cisco.comTel: 31 0 20 357 1000Fax: 31 0 20 357 1100 Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel: 408 526-7660Fax: 408 527-0883 Asia Pacific HeadquartersCisco Systems, Inc.168 Robinson Road#28-01 Capital TowerSingapore 068912www.cisco.comTel: +65 6317 7777Fax: +65 6317 7799Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed onthe Cisco Website at www.cisco.com/go/offices.Argentina · Australia · Austria · Belgium · Brazil · Bulgaria · Canada · Chile · China PRC · Colombia · Costa Rica · Croatia · Cyprus Czech Republic · Denmark · Dubai, UAE · Finland · France · Germany · Greece · Hong Kong SAR · Hungary · India · Indonesia · Ireland · Israel Italy · Japan · Korea · Luxembourg · Malaysia · Mexico · The Netherlands · New Zealand · Norway · Peru · Philippines · Poland · Portugal Puerto Rico · Romania · Russia · Saudi Arabia · Scotland · Singapore · Slovakia · Slovenia · South Africa · Spain · Sweden · Switzerland · Taiwan Thailand · Turkey · Ukraine · United Kingdom · United States · Venezuela · Vietnam · ZimbabweCopyright 2005 Cisco Systems, Inc. All rights reserved. CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0502R) 204148.M_ETMG_KL_8.05Printed in the USA