1. Manuals
  2. Brands
  3. Source fire Manuals
  4. Accessories
  5. 500
  6. Installation manual

Source fire 500 Installation Manual

3d system 3d sensor
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
3D Sensor
Installation Guide
Version 4.10.3

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the 500 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Summary of Contents for Source fire 500

  • Page 1 3D Sensor Installation Guide Version 4.10.3...
  • Page 2 Terms of Use Applicable to the User Documentation The legal notices, disclaimers, terms of use, and other information contained herein (the “terms”) apply only to the information discussed in this documentation (the “Documentation”) and your use of it. These terms do not apply to or govern the use of websites controlled by Sourcefire, Inc.

  • Page 3: Table Of Contents

    Table of Contents Chapter 1: Before You Begin................. 7 IPS Installation Considerations ................8 RNA Installation Considerations ................9 RUA Installation Considerations ................. 10 Typical 3D Sensor Deployments ................. 11 Deploying a Multi-Port 3D Sensor............15 Other Deployment Options ................18 Integrating with VPNs................
  • Page 4 Installing a 3D Sensor .............. 33 Included Items ....................34 Security Considerations ..................34 Identifying the Management and Sensing Interfaces......... 35 Sourcefire 3D Sensor 500/1000/2000 ........... 35 Sourcefire 3D Sensor 2100/2500/3500/4500......... 36 Sourcefire 3D Sensor 6500..............38 Sourcefire 3D Sensor 7010/7020/7030 ..........42 Sourcefire 3D Sensor 7110/7120 ............
  • Page 5 Table of Contents Chapter 4: Hardware Specifications ............89 Rack and Cabinet Mounting Options ..............89 Sourcefire 3D Sensor 500/1000/2000 Specifications ......... 90 Chassis Front View ................90 Chassis Rear View ................. 92 Physical and Environmental Parameters..........93 Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications ......94 Chassis Front View ................
  • Page 6 General Safety Guidelines ................177 Safety Warning Statements................179 Regulatory Information ..................182 Sourcefire 3D Sensor 500/1000/2000 Information ......183 Sourcefire 3D Sensor 2100/2500/3500/4500 Information ....184 Sourcefire 3D Sensor 6500/9900 Information ........185 Sourcefire 3D Sensor 7000 Series Information ........186 Sourcefire 3D Sensor 8000 Series Information ........

  • Page 7: Chapter 1: Before You Begin

    Chapter 1 Before You Begin This guide describes how to install and set up the Sourcefire 3D Sensor. Depending on which Sourcefire 3D System products you have licensed, a Sourcefire 3D Sensor can include: • IPS, the intrusion detection and prevention component •...

  • Page 8: Ips Installation Considerations

    Before You Begin Chapter 1 IPS Installation Considerations This chapter describes some of the considerations for deploying a 3D Sensor, including: • the concept of the detection engine and the modes in which you can deploy detection engines on the 3D Sensor: passive or inline •...

  • Page 9: Rna Installation Considerations

    Before You Begin Chapter 1 RNA Installation Considerations Your deployment decisions for 3D Sensors with IPS will be based on a variety of factors. Answering these questions can help you understand the vulnerable areas of your network and clarify your intrusion detection and prevention needs: •...

  • Page 10: Rua Installation Considerations

    Before You Begin Chapter 1 RUA Installation Considerations your deployment choices. This section examines some general goals that can influence a deployment of 3D Sensors with RNA, such as: • gaining a more thorough understanding of your current network infrastructure •...

  • Page 11: Typical 3D Sensor Deployments

    Before You Begin Chapter 1 Typical 3D Sensor Deployments Typical 3D Sensor Deployments In the following simple network architecture diagram, the network has three areas with three different security policies: • between the border router and the firewall • in the demilitarized zone, or DMZ •...
  • Page 12 Before You Begin Chapter 1 Typical 3D Sensor Deployments make sure you connect the 3D Sensor’s management interface to a secure internal network that is protected from unauthorized access. Outside the Firewall Outside the firewall, the router provides the first line of defense. Although you can configure most routers to block unwanted packets, this is not typically used to secure the network segment between the router and the firewall.
  • Page 13 Before You Begin Chapter 1 Typical 3D Sensor Deployments In the DMZ In this simple network architecture, the DMZ contains outward-facing servers (web, FTP , DNS, mail, and so on). The hosts in the DMZ provide services to external users and are at a greater security risk than those inside the firewall. In this network configuration, the servers in the DMZ also provide services such as mail relay and web proxy to users on the internal network.
  • Page 14 Before You Begin Chapter 1 Typical 3D Sensor Deployments On the Internal Side of Redundant Firewalls Many network environments implement a redundant data path for Internet connectivity. These secondary links may also require monitoring in situations when the primary, or active, links go offline. Two options are available for ensuring continuous monitoring during a primary link outage: •...

  • Page 15: Deploying A Multi-Port 3D Sensor

    Before You Begin Chapter 1 Typical 3D Sensor Deployments one computer on the internal network directed against other computers on the internal network if the attack traffic traverses the switch. Similarly, if a host on your network is compromised from within, RNA can immediately identify both unauthorized changes on hosts.
  • Page 16 Before You Begin Chapter 1 Typical 3D Sensor Deployments Deploying a multi-port 3D Sensor with a network tap is a straightforward process. The following diagram shows a network tap installed on a high-traffic network segment. In this scenario, the tap transmits incoming and outgoing traffic through separate ports.
  • Page 17 Before You Begin Chapter 1 Typical 3D Sensor Deployments Note that with a gigabit optical tap, as shown in the illustration below, both sets of ports on the 3D Sensor are used by the connectors from the tap. If your 3D Sensor supports multiple detection engines, you can also create interface sets to capture data from separate networks.

  • Page 18: Other Deployment Options

    Before You Begin Chapter 1 Other Deployment Options Other Deployment Options The following sections describe other installation scenarios that may affect your enterprise’s deployment of the Sourcefire 3D System: • Integrating with VPNs on page 18 • Detecting Intrusions on Other Points of Entry on page 18 •...
  • Page 19 Before You Begin Chapter 1 Other Deployment Options 3D Sensors can be installed at key locations on a complex network with multiple entry points. Version 4.10.3 Sourcefire 3D Sensor Installation Guide...

  • Page 20: Deploying In Multi-Site Environments

    Before You Begin Chapter 1 Other Deployment Options Deploying in Multi Site Environments Many organizations want to extend intrusion detection across a geographically disparate enterprise and then analyze all the IPS data from one location. The Sourcefire 3D System supports this by offering the Defense Center, which aggregates and correlates events from 3D Sensors deployed throughout the organization’s many locations.

  • Page 21: Integrating 3D Sensors With Rna Within Complex Networks

    Before You Begin Chapter 1 Other Deployment Options Integrating 3D Sensors with RNA within Complex Networks You can deploy 3D Sensors with RNA in more complex network topologies than a simple multi-sector network. This section describes the issues surrounding network discovery and vulnerability analysis when deploying RNA in environments where proxy servers, NAT devices, and VPNs exist, in addition to information about using the Sourcefire Defense Center to manage multiple 3D Sensors and the deployment and management of 3D Sensors in a multi-site...

  • Page 22: Understanding Detection Engines And Interface Sets

    Before You Begin Chapter 1 Understanding Detection Engines and Interface Sets Understanding Detection Engines and Interface Sets A detection engine is the mechanism on a 3D Sensor that is responsible for analyzing the traffic on the network segment where the sensor is connected. Depending on which components are licensed on the sensor, 3D Sensors can support three types of detection engines: IPS, RNA, and RUA.

  • Page 23: Understanding Detection Resources And 3D Sensor Models

    Before You Begin Chapter 1 Understanding Detection Engines and Interface Sets like a virtual sensor within a sensor. When you create a detection engine on a 3D Sensor, you specify which of the sensor’s sensing interfaces it uses and what portion of the sensor’s detection resources it can use.
  • Page 24 Before You Begin Chapter 1 Understanding Detection Engines and Interface Sets Detection Resources by Model (Continued) Model Optimal Maximum Combination per Sensor per Sensor Restrictions 3D2000 No restrictions 3D2100 No restrictions 3D2500 No restrictions 3D3000 No restrictions 3D3500 No restrictions 3D4500 No restrictions 3D6500...

  • Page 25: Comparing Inline And Passive Interface Sets

    Before You Begin Chapter 1 Connecting Sensors to Your Network Comparing Inline and Passive Interface Sets An interface set is comprised of one or more sensing interfaces on the 3D Sensor. Each detection engine is assigned to an interface set and uses those interfaces to monitor the traffic on specific network segments.

  • Page 26: Using A Hub

    Before You Begin Chapter 1 Connecting Sensors to Your Network Using a Hub An Ethernet hub is an inexpensive way to ensure that the detection engine on a 3D Sensor can see all the traffic on a network segment. Most hubs of this type take the IP traffic meant for any of the hosts on the segment and broadcast it to all the devices connected to the hub.

  • Page 27: Issues For Copper Cabling In Inline Deployments

    Before You Begin Chapter 1 Connecting Sensors to Your Network Issues for Copper Cabling in Inline Deployments If you are deploying your sensor inline on your network, and you are taking advantage of your sensor’s fail open capabilities to maintain network connectivity even if the sensor goes down, there are a few important points to keep in mind.
  • Page 28 Before You Begin Chapter 1 Connecting Sensors to Your Network For sensor models that fail open as straight-through, wire the device as you would for normal operation without a sensor deployed. The link should work with power to the sensor removed. In most cases you should use one crossover cable and one straight-through cable to connect the sensor to the two endpoints.

  • Page 29: Special Case: Connecting 8000 Series Devices

    Before You Begin Chapter 1 Using a Sourcefire Defense Center Note that every network environment is likely to be unique, with endpoints that have different combinations of support for Auto-MDI-X. The easiest way to confirm that you are installing your sensor with the correct cabling is to begin by connecting the sensor to its two endpoints using one of the cabling scenarios shown in the illustration, but with the sensor powered down.
  • Page 30 Before You Begin Chapter 1 Using a Sourcefire Defense Center If the 3D Sensor and the Defense Center reside on the same network, you can connect the management interface on the 3D Sensor to the same protected internal network as the Defense Center. This allows you to securely control the sensor from the Defense Center and aggregate the event data generated on the 3D Sensor’s network segment.

  • Page 31: Communication Ports

    Before You Begin Chapter 1 Communication Ports Communication Ports The Sourcefire 3D System uses ports 443 and 8305 to communicate internally and externally between the Defense Center and sensors. Open other ports to enable optional functionality within your deployment. Communication Ports Ports Description Protocol...
  • Page 32 Before You Begin Chapter 1 Communication Ports Communication Ports (Continued) Ports Description Protocol Direction Open the port to... 1812, 1813 RADIUS Outbound use RADIUS. Open both ports to ensure that RADIUS functions correctly. Ports 1812 and 1813 are the default, but you can configure RADIUS to user other ports instead.

  • Page 33: Chapter 2: Installing A 3D Sensor

    Chapter 2 Installing a 3D Sensor Depending on what you have licensed and which sensor model you are using, the Sourcefire 3D Sensor can host the RNA component, the IPS component, the RUA component, or any combination of the three. The IPS component requires that you install a license on the sensor itself during the initial setup process.

  • Page 34: Included Items

    Installing a 3D Sensor Chapter 2 Included Items • Redirecting Console Output on page 75 • Testing an Inline Fail-Open Interface Installation on page 76 • Checking for Updates on page 78 Included Items The following is a list of components that ship with Sourcefire appliances. As you unpack the system and the associated accessories, check that your package contents are complete as follows: •...

  • Page 35: Identifying The Management And Sensing Interfaces

    The Sourcefire 3D Sensor is delivered on different hardware appliances. Make sure you refer to the correct illustration for your appliance as you follow the installation procedure: • Sourcefire 3D Sensor 500/1000/2000 on page 35 • Sourcefire 3D Sensor 2100/2500/3500/4500 on page 36 •...

  • Page 36: Sourcefire 3D Sensor 2100/2500/3500/4500

    Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces loses power. You must also use the web interface to configure the interface set as inline with fail open. paired paired interfaces interfaces (eth1 and eth2) (eth3 and eth4) If you configure the interfaces as inline without using the fail-open capability, you can use any two of the interfaces on the sensor as an inline pair.
  • Page 37 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces The following illustration indicates the locations of the sensing interfaces, which are on the front of the chassis. eth8 eth4 eth6 eth2 eth7 eth3 eth9 eth5 NIC 1 NIC 2 Sensing Interfaces Sensing Interfaces...

  • Page 38: Sourcefire 3D Sensor 6500

    Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces If you configure the interfaces as inline without using the fail-open capability, you can use any two of the interfaces on the same NIC as an inline pair. IMPORTANT! By default, the initial setup process supports one inline fail-open interface pair for...
  • Page 39 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces The 3D6500 appliance can be delivered with four different sensing interface configurations: • twelve 10/100/1000 copper interfaces with bypass capability; see Twelve-Port Copper Configuration on page 39 for more information. •...
  • Page 40 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces Quad Port 10Gb Fiber Configuration The 3D6500 sensor can be shipped with a quad-port 10Gb fiber bypass configuration. It uses LC-type (Local Connector) optical transceivers. Note that these are SR interfaces. The following illustration indicates the interface numbering.
  • Page 41 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces You can use the copper interfaces to passively monitor up to six separate network segments. You can also use paired interfaces in inline or inline with fail open mode, which allows you to deploy the 3D Sensor as an intrusion prevention system on up to three networks.

  • Page 42: Sourcefire 3D Sensor 7010/7020/7030

    Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces as paired interfaces to a network segment. This allows traffic eth10 eth11 to flow even if the sensor fails or loses power. You must also use the web interface to configure the interface set as inline with fail open.
  • Page 43 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces capability. The following illustration of the rear of the chassis indicates the location of the management interface. The rear is identical for copper and fiber chassis. Management Interface Dual Quad-Port 1000BASE-T Copper Bypass Sensing Interfaces The following illustration indicates the location of the copper sensing interfaces, which are on the front of the chassis.
  • Page 44 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces Eight Port 1000BASE-SX Fiber Bypass Interfaces The following illustration indicates the location of the fiber sensing interfaces, which are on the front of the chassis. Sensing Interfaces Activity LED Link LED Bypass LED The eight-port 1000BASE-SX fiber bypass configuration uses LC-type (Local...

  • Page 45: Sourcefire 3D Sensor 8120/8130/8140

    Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces Sourcefire 3D Sensor 8120/8130/8140 The 3D8120, 3D8130, and 3D8140 3D Sensors are 1U appliances. This sensor can be shipped fully assembled, or you can install the sensing interface modules into the chassis.
  • Page 46 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces Quad Port 1000BASE-T Copper Bypass NetMod Link LED Activity LED Bypass LED You can use these connections to passively monitor up to four separate network segments. You also can use paired interfaces in inline or inline with fail-open mode, which allows you to deploy the 3D Sensor as an intrusion prevention system on up to two separate networks.
  • Page 47 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces mode, which allows you to deploy the 3D Sensor as an intrusion prevention system on a single network. TIP! For best performance, use the interface sets consecutively. If you skip any interfaces, you may experience degraded performance.

  • Page 48: Sourcefire 3D Sensor 8250/8260/8270/8290

    Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces Stacking Module Activity Link You can increase the amount of traffic inspected on a network segment by connecting two 3D8140 sensors in a stacked sensor configuration to combine their resources into a single, shared configuration.
  • Page 49 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces shipped with your modules.The following illustration of the rear view of the 3D8250 and 3D8260 chassis indicates the location of the management interface. Management Interface The following illustration of the front view of the chassis indicates the location of the sensing interfaces.
  • Page 50 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces Quad Port 1000BASE-T Copper Bypass NetMod Link LED Activity LED Bypass LED The quad-port 1000BASE-T copper bypass configuration uses Ethernet cables. You can use these connections to passively monitor up to four separate network segments.
  • Page 51 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces mode, which allows you to deploy the 3D Sensor as an intrusion prevention system on a single network. TIP! For best performance, use the interface sets consecutively. If you skip any interfaces, you may experience degraded performance.
  • Page 52 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces Dual-Port 40GBASE-SR4 Fiber Bypass NetMod Port Activity LED Link LED Bypass LED The dual-port 40GBASE-SR4 fiber bypass configuration uses MPO (Multiple-Fiber Push On) connector optical transceivers. You can use the 40G NetMod only in the 3D8270/8290 or a 40G-capable 3D8250/8260.

  • Page 53: Sourcefire 3D Sensor 9900

    Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces One sensor is designated as primary and the others are secondary. Connect the primary sensor to the network segment you want to analyze in the same way you would configure a single 3D8250 sensor (either passive, inline, or inline with fail- open).
  • Page 54 Installing a 3D Sensor Chapter 2 Identifying the Management and Sensing Interfaces The 3D9900 appliance can be delivered with two different sensing interface configurations: • Twelve-port configurations for 10/100/1000 copper bypass; see Twelve-Port Copper Configuration on page 54 for more information •...

  • Page 55: Using 3D Sensors In A Stacked Configuration

    Installing a 3D Sensor Chapter 2 Using 3D Sensors in a Stacked Configuration numbering for the two leftmost interfaces: . The two interfaces ethb0 ethb1 on the right are ethb2 ethb3 ethb0 ethb1 ethb2 ethb3 You can use this configurations to passively monitor up to four separate network segments.

  • Page 56: Connecting 3D9900 Sensors

    Installing a 3D Sensor Chapter 2 Using 3D Sensors in a Stacked Configuration One sensor is designated as the primary sensor and is displayed on the web interface with the primary role. All other sensors are secondary and are displayed in the web interface with the secondary role.
  • Page 57 Installing a 3D Sensor Chapter 2 Using 3D Sensors in a Stacked Configuration want to analyze in the same way that you would connect a single 3D9900 sensor (either passive, inline, or inline with fail-open). The following graphic shows how to connect the primary and secondary sensors.

  • Page 58: Connecting 3D8140 Sensors

    Installing a 3D Sensor Chapter 2 Using 3D Sensors in a Stacked Configuration Connecting 3D8140 Sensors You can connect two 3D8140 sensors in a stacked configuration. Use one 8000 Series stacking cable to create the physical connection between the primary sensor and the secondary sensor. For more information on using the stacking cable, see Using the 8000 Series Stacking Cable on page 62.
  • Page 59 Installing a 3D Sensor Chapter 2 Using 3D Sensors in a Stacked Configuration Use two 8000 Series stacking cables for each secondary sensor you want to connect to the primary sensor. Note that sensors do not need to be powered down to attach the cables.
  • Page 60 Installing a 3D Sensor Chapter 2 Using 3D Sensors in a Stacked Configuration Use additional stacking modules in the 3D8250 to add more secondary sensors to the configuration. The following example shows a primary sensor with two dedicated secondary sensors. In this example, the primary sensor is installed above the two secondary sensors.
  • Page 61 Installing a 3D Sensor Chapter 2 Using 3D Sensors in a Stacked Configuration The following example shows a primary sensor with three dedicated secondary sensors. In this example, one secondary sensor is installed above the primary sensor and two secondary sensors are installed below the primary sensor. 3D8290 - 3D8250 Primary Sensor with Three Secondary Sensors Secondary Sensor Primary Sensor...

  • Page 62: Using The 8000 Series Stacking Cable

    Installing a 3D Sensor Chapter 2 Installing the 3D Sensor in a Rack Using the 8000 Series Stacking Cable The 8000 Series stacking cable has identically-keyed ends, each with a latch to secure the cable in the sensor and a latch release tab. Latch Release Tab Keyed Cable End Latch...
  • Page 63 Installing a 3D Sensor Chapter 2 Installing the 3D Sensor in a Rack To install the appliance: Mount the appliance in your rack using the mounting kit. Use the instructions supplied with the mounting kit. IMPORTANT! You may also use the 3D500, 3D1000, and 3D2000 appliances as desktop devices.

  • Page 64: Configuring The Management Interface

    Installing a 3D Sensor Chapter 2 Configuring the Management Interface If you are deploying a sensor with fail-open interfaces, you are taking advantage of your sensor’s ability to maintain network connectivity even if the sensor goes down. See Testing an Inline Fail-Open Interface Installation on page 76 for more information on installation and latency testing.

  • Page 65: Using The Management Interface

    Installing a 3D Sensor Chapter 2 Configuring the Management Interface For Series 3 appliances only, you can also use the following options: • Using the LCD Panel on page 68 explains how to use the LCD Panel to configure the management interface for the appliance. •...

  • Page 66: Using A Monitor And Keyboard

    Installing a 3D Sensor Chapter 2 Configuring the Management Interface Use the web browser on the local host to navigate to the appliance’s default IP address: https://192.168.45.45/ The Login page appears. TIP! You may need to add an exception to your trusted sites on your browser before you can access the login page.
  • Page 67 Installing a 3D Sensor Chapter 2 Configuring the Management Interface To use a monitor and keyboard: Using the supplied Ethernet cable, connect the management interface on the rear of the appliance to a protected management network. Connect a monitor and keyboard to the appliance. Connect the monitor to the VGA port and the keyboard to one of the USB ports (or optionally to the PS/2 keyboard connector, if available).

  • Page 68: Using The Lcd Panel

    Installing a 3D Sensor Chapter 2 Configuring the Management Interface Enter the IP address of the gateway for this IP address. For example: 10.2.1.1 The following prompt appears: Are these settings correct: (y or n)? You have two options: • If the settings are correct, type and press Enter to continue.
  • Page 69 Installing a 3D Sensor Chapter 2 Configuring the Management Interface The cursor appears only on the second line, and indicates where on the display you are editing. Note that when the cursor is not located at the first digit, the panel displays a left arrow, and using the corresponding function key moves (<)
  • Page 70 Installing a 3D Sensor Chapter 2 Configuring the Management Interface Use the multi-function keys to move the cursor left or right until you reach the digit in the IP address you want to edit. Initially, the cursor is located at the far left of the display and the cancel (X) symbol is displayed instead of the left (<) arrow.

  • Page 71: Using The Command Line Interface

    Installing a 3D Sensor Chapter 2 Configuring the Management Interface Using the Command Line Interface Use the command line interface on Series 3 sensors only to configure the management interface on the appliance. Series 3 sensors must be managed by a Defense Center. A unique alphanumeric registration key is always required.

  • Page 72: Performing The Initial Setup

    Installing a 3D Sensor Chapter 2 Performing the Initial Setup • enter a comma-separated list of DNS servers or ‘none’ XxX.XXx.XXx.XXx XxX.XxX.XxX.XxX • enter a comma-separated list of search domains or ‘none’ searchdomain.com • Set permission for the LCD Panel to reconfigure the network. Note that allowing the LCD Panel to configure network settings poses a security risk because no authentication is needed, only physical access.
  • Page 73 Installing a 3D Sensor Chapter 2 Performing the Initial Setup To complete the initial setup: From a host with a web browser that can reach the appliance’s management interface on the protected management network, navigate to: https: //mgt_ip_address/ where is the IP address you set up in the previous mgt_ip_address procedure.
  • Page 74 Installing a 3D Sensor Chapter 2 Performing the Initial Setup Under Time Settings, indicate how you want to set the time. You can set the time manually or via network time protocol (NTP) from an NTP server. Note that if you are managing the sensor with a Defense Center and the Defense Center itself is set up as an NTP server, you can specify the Defense Center as the sensor’s NTP server.

  • Page 75: Redirecting Console Output

    Installing a 3D Sensor Chapter 2 Redirecting Console Output Under License Settings, indicate whether you want to add a sensor license. Note that licenses can be applied at a later time. See “System Settings” in the Sourcefire 3D System User Guide for more information. •...

  • Page 76: Testing An Inline Fail-Open Interface Installation

    Installing a 3D Sensor Chapter 2 Testing an Inline Fail-Open Interface Installation Console Redirection Options table describes the options available per device. Console Redirection Options Appliance VGA Port Serial Port (Default) Access 3D500/1000/2000 tty0 ttys0 3D2100/2500/3500/4500 tty0 3D6500 tty0 ttys1 3D9900 tty0 ttys1...
  • Page 77 Installing a 3D Sensor Chapter 2 Testing an Inline Fail-Open Interface Installation To test a sensor with inline fail-open interface installation: Ensure that the interface set type for the appliance is configured for inline fail-open mode. See Using Detection Engines and Interface Sets in the Sourcefire 3D System User Guide for instructions on configuring an interface for inline fail-open mode.

  • Page 78: Checking For Updates

    Installing a 3D Sensor Chapter 2 Checking for Updates • sensor powered on, policy with no rules applied, inline IPS policy protection tap mode • sensor powered on, policy with tuned rules applied, inline IPS policy protection mode Ensure that the latency periods are acceptable for your installation. For information on resolving excessive latency problems, see “Configuring Packet Latency Thresholding”...

  • Page 79: Chapter 3: Using The Lcd Panel

    Chapter 3 Using the LCD Panel The LCD Panel on the Series 3 3D Sensor displays system information, such as CPU utilization, free memory, and chassis serial number. If an error is detected, the display flashes an alert indicating the type of error, such as hardware alarm, link state propagation, or fail-open status, and continues flashing until the error has been resolved.

  • Page 80: Understanding The Lcd Panel

    Using the LCD Panel Chapter 3 Understanding the LCD Panel Understanding the LCD Panel Use the multi-function keys on the LCD Panel to install and configure the appliance, view error messages, display system status. LCD Panel Multi-Function Keys Function Symbols A symbol and its location on the display correspond to its function and the location of the key used to perform that function.

  • Page 81: Initial Setup/Network Configuration

    Using the LCD Panel Chapter 3 Understanding LCD Panel Modes LCD Panel Display Modes (Continued) Mode Function Error Alert Alerts when one or more errors or fault conditions are present. This mode persists until the error or fault condition is no longer detected. See Error Alert Mode page 83.

  • Page 82: Idle Display

    Using the LCD Panel Chapter 3 Understanding LCD Panel Modes Initial Setup/Network Configuration table lists configurable information. Initial Setup/Network Configuration IPv4 (default) IPv6 IP address IP address Netmask Prefix Default Gateway Default Gateway Note that the displays for editing the Netmask, Prefix, and Gateway function in the same manner as the IP address display.

  • Page 83: Error Alert

    Using the LCD Panel Chapter 3 Understanding LCD Panel Modes Error Alert The Error Alert mode is enabled any time one or more errors or fault conditions occur. The Error Alert menu will flash, displaying the process or condition that is in failure state.
  • Page 84 Using the LCD Panel Chapter 3 Understanding LCD Panel Modes System Status Mode Press any key during the Idle Display mode to enter the System Status mode, which provides a selection of menus as described in the System Status Menus table.

  • Page 85: Using The Multi-Function Keys

    Using the LCD Panel Chapter 3 Using the Multi-Function Keys The Information menus display current information about the system. See the options on the Information Menus table. Information Menus Menu Description IP Address Displays the IP address on the management interface. Model Displays the model of the appliance.
  • Page 86 Using the LCD Panel Chapter 3 Using the Multi-Function Keys Navigate through the LCD Panel menu using the multi-function keys. Menu Access Keys Description Right arrow Enter the menu displayed to the left of the arrow. Left arrow Exit the current menu and return to previous display. Up and down Scroll up and down through the menu list.

  • Page 87: Resetting The Network Configuration

    Using the LCD Panel Chapter 3 Resetting the Network Configuration Multi-Function Keys (Continued) Symbol Function Decrease the selected digit by one (used in initial setup (minus) mode). Accept action. (checkmark) Resetting the Network Configuration If you want to reconfigure the sensor using the LCD Panel, you must use the user interface to re-enable network configuration from the LCD Panel.

  • Page 88: Adjusting The Brightness And Contrast On The Lcd Panel

    Using the LCD Panel Chapter 3 Adjusting the Brightness and Contrast on the LCD Panel Adjusting the Brightness and Contrast on the LCD Panel If you want to adjust the brightness and contrast settings on the LCD Panel, you must use enter the System Status mode and then adjust the settings. To adjust the LCD Panel’s contrast and brightness: In Idle Display mode, press any multi-function key to enter the main menu.

  • Page 89: Chapter 4: Hardware Specifications

    The hardware specifications for each of the appliances are described in the following sections. • Rack and Cabinet Mounting Options on page 89 • Sourcefire 3D Sensor 500/1000/2000 Specifications on page 90 • Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications on page 94 •...

  • Page 90: Sourcefire 3D Sensor 500/1000/2000 Specifications

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 500/1000/2000 Specifications mounting kits separately. For information on mounting the appliance in a rack, refer to the instructions delivered with the rack-mounting kit. Note that the 3D500/1000/2000 is delivered as a desktop appliance. Optionally, you can purchase a 1U kit to mount the appliance in racks and server cabinets.
  • Page 91 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 500/1000/2000 Specifications System Components: Front View table describes the features on the front of the appliance. System Components: Front View Feature Description 10/100 Ethernet Provides for an out-of-band management network connection. The management...

  • Page 92: Chassis Rear View

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 500/1000/2000 Specifications Chassis Rear View Serial Reset Power Port Port Ports Button Supply System Components: Rear View table describes the features on the rear of the appliance. System Components: Rear View Feature Description Power supply Provides power to the appliance through an AC power source.

  • Page 93: Physical And Environmental Parameters

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 500/1000/2000 Specifications Serial Port Pin Assignments (Continued) Signal Description Ground Data Set Ready Request To Send Clear To Send Ring Indicator Physical and Environmental Parameters Physical and Environmental Parameters table describes the physical attributes and the environmental parameters for the appliance.

  • Page 94: Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications The 3D2100, 3D2500, 3D3500, and 3D4500 models of the 3D Sensor are delivered on a 1U appliance. The 3D2500, 3D3500 and 3D4500 Sensors can ship with four-port fiber interfaces (with bypass capability).
  • Page 95 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications System Components: Front View table describes the features on the front of the appliance. System Components: Front View Feature Description USB port Allows you to attach a keyboard to the sensor. You also must use a USB port to restore the sensor to its original factory-delivered state, using the thumb drive delivered with the appliance.
  • Page 96 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications System Components: Front View (Continued) Feature Description NIC 2: The NIC 2 slot configuration depends on your sensor model: no NIC OR • The 3D2100 has a slot cover in place of a second NIC. quad-port copper bypass •...
  • Page 97 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications Quad-Port Copper Bypass NIC LEDs table describes the LEDs associated with the network interfaces on the quad-port copper bypass NIC. Note that the LEDs on NIC1 and NIC2 are reversed. Quad-Port Copper Bypass NIC LEDs Description Activity Indicates traffic activity:...
  • Page 98 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications The LEDs indicate activity on their corresponding interfaces; a random flash pattern indicates that packets are being sent or received. If, however, an inline interface set is in bypass mode (it has failed open), the pair of LEDs (either 1 and 2, or 3 and 4) corresponding to that interface set flash in a regular, alternating pattern.
  • Page 99 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications The front panel of the chassis houses five LEDs, which display the system’s operating state. The Front Panel LEDs table describes the LEDs on the front panel Front Panel LEDs Description Power Indicates whether the system has power: •...

  • Page 100: Chassis Rear View

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications System Status table describes the conditions under which the system status LED might be lit. System Status Condition Description Critical Any critical or non-recoverable threshold crossing associated with the following events: •...
  • Page 101 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications System Components: Rear View table describes the features that appear on the rear of the appliance. System Components: Rear View Feature Description PS/2 mouse connector Allows you to attach a monitor, keyboard, and mouse to the sensor, as an PS/2 keyboard alternative to using the RJ45 serial port, to establish a direct connector...

  • Page 102: Physical And Environmental Parameters

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 2100/2500/3500/4500 Specifications RJ45 to DB-9 Adapter Pin-Out (Continued) DB-9 Pin Signal Description RJ45 Pin Clear To Send No Connection The 10/100/1000 management interface is located on the rear of the appliance. Management Interface LEDs table describes the LEDs associated with the management interface.

  • Page 103: Sourcefire 3D Sensor 6500 Specifications

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 6500 Specifications Physical and Environmental Parameters (Continued) Parameter Description Non-Operating Temperature -40°C to 70°C (-40°F to 158°F) Operating Humidity 5% to 85% Non-Operating Humidity 95%, non-condensing at 23°C to 40°C (73°F to 104°F) Altitude 0 to 900m (2,950 ft.) at 35°C (90°F), temperature decremented by 1°C for each additional 300m (985 ft.)
  • Page 104 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 6500 Specifications System Components: Front View table describes the features on the front of the appliance. System Components: Front View Feature Description Network Up to three network interface cards can be installed in the 3D Sensor. Interfaces Front panel Houses five LEDs that display the system’s operating state, as well as various...
  • Page 105 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 6500 Specifications Copper NIC LEDs table describes the LEDs associated with the network interfaces on the 12-port copper bypass 3D6500 configuration. IMPORTANT! When using NetOptics copper taps with 3D6500 sensor 1Gb copper interfaces, you must keep the cable length between the tap and sensor to no more than 25 feet.
  • Page 106 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 6500 Specifications Fiber NIC LEDs table describes the LEDs associated with the network interfaces on the quad-port fiber bypass NIC 3D6500 configuration. Fiber NIC LEDs Status Description The interface does not have link and is not in bypass mode.
  • Page 107 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 6500 Specifications The front panel of the chassis houses five LEDs, which display the system’s operating state. The Front Panel LEDs table describes the LEDs on the front panel. Front Panel LEDs Description Power Indicates whether the system has power: •...
  • Page 108 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 6500 Specifications System Status table describes the conditions under which the system status LED might be lit. System Status Condition Description Critical Any critical or non-recoverable threshold crossing associated with the following events: •...

  • Page 109: Chassis Rear View

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 6500 Specifications Chassis Rear View PS/2 Mouse Connector Management Interface Serial Reserved Redundant Power Supplies Port Ports Port PS/2 Keyboard Connector System Components: Rear View table describes the features that appear on the rear of the appliance. System Components: Rear View Feature Description...
  • Page 110 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 6500 Specifications The 10/100/1000 management interface is located on the rear of the appliance. Management Interface LEDs table describes the LEDs associated with the management interface. Management Interface LEDs Description Left (Activity) Indicates activity on the port. A blinking LED indicates activity;...

  • Page 111: Physical And Environmental Parameters

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 6500 Specifications RJ45 to DB-9 Adapter Pin-Out table list the signals on a typical DB-9 serial connector and the corresponding pins on the 3D Sensor RJ45 serial connectors. You can use this table to construct an adapter for serial connections. RJ45 to DB-9 Adapter Pin-Out DB-9 Pin Signal...

  • Page 112: Sourcefire 3D Sensor 7010/7020/7030 Specifications

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7010/7020/7030 Specifications Physical and Environmental Parameters (Continued) Parameter Description Fiber SR or LR (10Gb) NIC Quad or dual Fiber Bypass 10GBase with LC connectors Cable and Distance: • LR is Singlemode Fiber (1310nm) at 5000m (Available) •...

  • Page 113: Chassis Front View

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7010/7020/7030 Specifications Chassis Front View Front Panel Sensing Interfaces LCD Display Management Port System Components: Front View table describes the features on the front of the appliance. System Components: Front View Feature Description LCD display Operates in multiple modes to configure the sensor, display error messages, and view system status.
  • Page 114 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7010/7020/7030 Specifications Front Panel Front Panel Components Reset button System ID button System status LED Power button and LED Hard drive activity LED The front panel of the chassis houses LEDs, which display the system’s operating state.
  • Page 115 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7010/7020/7030 Specifications System Status table describes the conditions under which the system status LEDs might be lit. System Status Condition Description Critical Any critical or non-recoverable threshold crossing associated with the following events: •...
  • Page 116 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7010/7020/7030 Specifications LCD Panel LCD Display Multi-Function Keys LCD Panel Components Components Description LCD display Displays two lines of up to 17 alphanumeric characters. The last two characters of each line indicate the actions of the two keys at the end of that line.
  • Page 117 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7010/7020/7030 Specifications Use the Copper Link/Activity LEDs Copper Bypass LEDs tables to understand copper LEDs. Copper Link/Activity LEDs Status Description Both LEDs Off The interface does not have link. Link Amber The speed of the traffic on the interface is 10Mb or 100Mb.

  • Page 118: Chassis Rear View

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7010/7020/7030 Specifications Chassis Rear View 2.0 USB Ports Grounding Stud System ID LED VGA Port Serial Port Power Supply Connector System Components: Rear View table describes the features that appear on the rear of the appliance. System Components: Rear View Feature Description...

  • Page 119: Physical And Environmental Parameters

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7010/7020/7030 Specifications Physical and Environmental Parameters Physical and Environmental Parameters table describes the physical attributes and the environmental parameters for the appliance. Physical and Environmental Parameters Parameter Description Form Factor 1U, half rack width Dimensions (D x W x H) Single chassis: 12.49"...

  • Page 120: Sourcefire 3D Sensor 7110/7120 Specifications

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7110/7120 Specifications Physical and Environmental Parameters (Continued) Parameter Description Acoustic Noise 53 dBA when idle. 62 dBA at full processor load. Operating Shock No errors with half a sine wave shock of 5G(with 11 msec. duration) Airflow 20 ft (0.57m...
  • Page 121 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7110/7120 Specifications System Components: Front View table describes the features on the front of the appliance. System Components: Front View Feature Description LCD display Operates in multiple modes to configure the sensor, display error messages, and view system status.
  • Page 122 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7110/7120 Specifications The front panel of the chassis houses LEDs, which display the system’s operating state. The Front Panel LEDs table describes the LEDs on the front panel. Front Panel LEDs Description NIC activity (1 and 2) Indicates whether there is any network activity: •...
  • Page 123 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7110/7120 Specifications System Status table describes the conditions under which the system status LEDs might be lit. System Status Condition Description Critical Any critical or non-recoverable threshold crossing associated with the following events: •...
  • Page 124 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7110/7120 Specifications LCD Panel LCD Display Multi-Function Keys LCD Panel Components Components Description LCD display Displays two lines of up to 17 alphanumeric characters. The last two characters of each line indicate the actions of the two keys at the end of that line.
  • Page 125 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7110/7120 Specifications Use the Copper Link/Activity LEDs Copper Bypass LEDs tables to understand copper LEDs. Copper Link/Activity LEDs Status Description Both LEDs Off The interface does not have link. Link Amber The speed of the traffic on the interface is 10Mb or 100Mb. Link Green The speed of the traffic on the interface is 1Gb.

  • Page 126: Chassis Rear View

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7110/7120 Specifications Fiber Link/Activity LEDs Status Description Top (Activity) For an inline interface: the light is on when the interface has activity. If dark, there is no activity. For a passive interface: the LED is non-functional. Bottom (Link) For an inline or passive interface: the light is on when the interface has link.
  • Page 127 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7110/7120 Specifications System Components: Rear View table describes the features that appear on the rear of the appliance. System Components: Rear View Feature Description VGA port Allows you to attach a monitor, keyboard, and mouse to the sensor, as an USB ports alternative to using the RJ45 serial port, to establish a direct workstation-to-appliance connection.

  • Page 128: Physical And Environmental Parameters

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7110/7120 Specifications The power supply modules are located on the rear of the appliance. The Power Supply LED table describes the LED associated with the management interface. Power Supply LED Description The power cord is not plugged in. No power supplied to this module.
  • Page 129 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 7110/7120 Specifications Physical and Environmental Parameters (Continued) Parameter Description Power Supply 450W dual redundant (1+1) AC power supplies Voltage: 100VAC to 240VAC nominal (85VAC to 264VAC maximum) Current: 8A maximum over the full range, per supply 4A maximum for 187VAC to 264VAC, per supply Frequency range: 47Hz to 63Hz Operating Temperature...

  • Page 130: Sourcefire 3D Sensor 8120/8130/8140 Specifications

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8120/8130/8140 Specifications Sourcefire 3D Sensor 8120/8130/8140 Specifications The 3D8120, 3D8130, 3D8140 3D Sensors are 1U appliances. These sensors can be shipped fully assembled, or you can install the network modules (NetMods) that contain the sensing interfaces into the chassis. Assemble your sensor before installing the Sourcefire 3D System.
  • Page 131 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8120/8130/8140 Specifications Front Panel Front Panel Components NIC activity LED Reset button Reserved ID button Hard drive activity LED Power button and LED System status LED USB 2.0 connector Non-maskable interrupt button Version 4.10.3 Sourcefire 3D Sensor Installation Guide...
  • Page 132 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8120/8130/8140 Specifications The front panel of the chassis houses LEDs, which display the system’s operating state. The Front Panel LEDs table describes the LEDs on the front panel Front Panel LEDs Description NIC activity Indicates whether there is any network activity: •...
  • Page 133 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8120/8130/8140 Specifications System Status table describes the conditions under which the system status LEDs might be lit. System Status Condition Description Critical Any critical or non-recoverable threshold crossing associated with the following events: •...
  • Page 134 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8120/8130/8140 Specifications LCD Panel LCD Display Multi-Function Keys LCD Panel Components Components Description LCD display Displays two lines of up to 17 alphanumeric characters. The last two characters of each line indicate the actions of the two keys at the end of that line.
  • Page 135 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8120/8130/8140 Specifications Use the Copper Link/Activity LEDs Copper Bypass LEDs tables to understand copper LEDs. Copper Link/Activity LEDs Status Description Link Amber The speed of the traffic on the interface is 10Mb or 100Mb. Link Green The speed of the traffic on the interface is 1Gb.
  • Page 136 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8120/8130/8140 Specifications Use the Fiber Link/Activity LEDs Fiber Bypass LEDs tables to understand fiber LEDs. Fiber Link/Activity LEDs Status Description Top (Activity) For an inline or passive interface: the light flashes when the interface has activity.
  • Page 137 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8120/8130/8140 Specifications Use the Fiber Link/Activity LEDs Fiber Bypass LEDs tables to understand fiber LEDs. Fiber Link/Activity LEDs Status Description Top (Activity) For an inline or passive interface: the light flashes when the interface has activity.

  • Page 138: Chassis Rear View

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8120/8130/8140 Specifications Stacking LEDs Status Description Indicates activity on the interface. If dark, there is no activity. Bottom Indicates whether the interface has link. If dark, there is no link. Chassis Rear View USB 2.0 Ports Reserved Power Supply LEDs...
  • Page 139 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8120/8130/8140 Specifications The 10/100/1000 management interface is located on the rear of the appliance. Management Interface LEDs table describes the LEDs associated with the management interface. Management Interface LEDs Description Left (Link) Indicates whether the link is up. If the LED is on, the link is up.

  • Page 140: Physical And Environmental Parameters

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8120/8130/8140 Specifications RJ45 to DB-9 Adapter Pin-Out table list the signals on a typical DB-9 serial connector and the corresponding pins on the 3D Sensor RJ45 serial connectors. You can use this table to construct an adapter for serial connections. RJ45 to DB-9 Adapter Pin-Out DB-9 Pin Signal...
  • Page 141 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8120/8130/8140 Specifications Physical and Environmental Parameters (Continued) Parameter Description Fiber 10GBASE Dual Fiber Bypass with LC connectors MMSR or SMLR NetMod Cable and Distance: LR is Single-Mode at 5000m (available) SR is Multimode Fiber (850nm) at 550m (Standard) Fiber 1000BASE-SX Quad Fiber Bypass 1000BASE-SX with LC connectors NetMod...

  • Page 142: Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications Physical and Environmental Parameters (Continued) Parameter Description Acoustic Noise Max normal operating noise is 87 .6 dB LWAd (high temp.) Typical normal operating noise is 80 dB LWAd. Operating Shock No errors with half a sine wave shock of 2G (with 11 msec. duration) Airflow 160 ft (4.5m...

  • Page 143: Chassis Front View

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications Chassis Front View 3D8250 and 3D8260/8270/8290 Primary Sensor Front Panel LCD Panel Module Slots 3D8260 Stacking Module Slot (5) 3D8260/8270/8290 Secondary Sensor Front Panel LCD Panel Stacking Module Slot System Components: Front View table describes the features on the front of the appliance.
  • Page 144 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications System Components: Front View (Continued) Feature Description Front panel controls Houses LEDs that display the system’s operating state, as well as various controls, such as the power button. For more information, see Management Interface LEDs on page 153.
  • Page 145 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications The front panel of the chassis houses LEDs, which display the system’s operating state. The Front Panel LEDs table describes the LEDs on the front panel Front Panel LEDs Description NIC activity Indicates whether there is any network activity: •...
  • Page 146 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications System Status table describes the conditions under which the system status LEDs might be lit. System Status Condition Description Critical Any critical or non-recoverable threshold crossing associated with the following events: •...
  • Page 147 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications LCD Panel LCD Display Multi-Function Keys LCD Panel Components Components Description LCD display Displays two lines of up to 17 alphanumeric characters. The last two characters of each line indicate the actions of the two keys at the end of that line.
  • Page 148 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications Quad-Port 1000BASE-T Copper Bypass NetMod Link LEDs Activity LEDs Bypass LED Use the Copper Link/Activity LEDs Copper Bypass LEDs tables to understand copper LEDs. Copper Link/Activity LEDs Status Description Link Amber The speed of the traffic on the interface is 10Mb or 100Mb.
  • Page 149 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications Use the Fiber Link/Activity LEDs Fiber Bypass LEDs tables to understand fiber LEDs. Fiber Link/Activity LEDs Status Description Top (Activity) For an inline or passive interface: the light flashes when the interface has activity.
  • Page 150 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications Use the Fiber Link/Activity LEDs Fiber Bypass LEDs tables to understand fiber LEDs. Fiber Link/Activity LEDs Status Description Top (Activity) For an inline or passive interface: the light flashes when the interface has activity.
  • Page 151 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications Use the Fiber Link/Activity LEDs Fiber Bypass LEDs tables to understand fiber LEDs. Fiber Link/Activity LEDs Status Description Top (Activity) The light flashes when the interface has activity. If dark, there is no activity.

  • Page 152: Chassis Rear View

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications Chassis Rear View Reserved Power Supply LEDs USB 2.0 Ports Redundant Serial Port VGA Port Management Interface Power Supplies System Components: Rear View table describes the features that appear on the rear of the 3D8250 and 3D8260 appliances. System Components: Rear View Feature Description...
  • Page 153 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications The 10/100/1000 management interface is located on the rear of the appliance. Management Interface LEDs table describes the LEDs associated with the management interface. Management Interface LEDs Description Left (Link) Indicates whether the link is up. If the LED is on, the link is up.

  • Page 154: Physical And Environmental Parameters

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications RJ45 to DB-9 Adapter Pin-Out table list the signals on a typical DB-9 serial connector and the corresponding pins on the 3D Sensor RJ45 serial connectors. You can use this table to construct an adapter for serial connections. RJ45 to DB-9 Adapter Pin-Out DB-9 Pin Signal...
  • Page 155 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 8250/8260/8270/8290 Specifications Physical and Environmental Parameters (Continued) Parameter Description Fiber 10GBASE Dual Fiber Bypass with LC connectors MMSR or SMLR NetMod Cable and Distance: LR is Single-Mode at 5000m (available) SR is Multimode Fiber (850nm) at 550m (Standard) Fiber 1000BASE-SX Quad Fiber Bypass 1000BASE-SX with LC connectors NetMod...

  • Page 156: Sourcefire 3D Sensor 9900 Specifications

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 9900 Specifications Physical and Environmental Parameters (Continued) Parameter Description Acoustic Noise 72.9 dBa at full processor load, normal fan operation at 27C Meets GR-63-CORE 4.6 Acoustic Noise Operating Shock No errors with half a sine wave shock of 2G (with 11 msec. duration) Airflow Front to rear, 210 ft (6 m...
  • Page 157 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 9900 Specifications System Components: Front View table describes the features on the front of the appliance. System Components: Front View Feature Description Sensing Interfaces 3D9900 Sensors are available with quad-port 10Gb fiber interfaces or 12 1Gb copper interfaces.
  • Page 158 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 9900 Specifications Copper NIC LEDs table describes the LEDs associated with the network interfaces on the 12-port copper bypass 3D9900 configuration. Copper NIC LEDs Status Description Left (Activity) blinking amber The interface has link and is running at 1Gbps. Right (Link) green Left (Activity) blinking amber The interface has link is running at 10/100/1000...
  • Page 159 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 9900 Specifications Front Panel Controls The following diagram illustrates the front panel controls and LEDs. B C D Front Panel Components Power LED Power button System status LED Reset button Hard drive activity LED Non-maskable interrupt button NIC activity LED...
  • Page 160 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 9900 Specifications The front panel of the chassis houses five LEDs, which display the system’s operating state. The Front Panel LEDs table describes the LEDs on the front panel. Front Panel LEDs Description Power Indicates whether the system has power: •...
  • Page 161 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 9900 Specifications System Status table describes the conditions under which the system status LED might be lit. System Status Condition Description Critical Any critical or non-recoverable threshold crossing associated with the following events: •...

  • Page 162: Chassis Rear View

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 9900 Specifications Chassis Rear View PS/2 Mouse Connector Reserved Serial Mgmt Redundant Port Interface Port Ports Power Supplies PS/2 Keyboard Connector System Components: Rear View table describes the features that appear on the rear of the appliance. System Components: Rear View Feature Description...
  • Page 163 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 9900 Specifications The 10/100/1000 management interface is located on the rear of the appliance. Management Interface LEDs table describes the LEDs associated with the management interface. Management Interface LEDs Description Left (Activity) Indicates activity on the port. A blinking LED indicates activity;...
  • Page 164 Hardware Specifications Chapter 4 Sourcefire 3D Sensor 9900 Specifications RJ45 to DB-9 Adapter Pin-Out table list the signals on a typical DB-9 serial connector and the corresponding pins on the 3D Sensor RJ45 serial connectors. You can use this table to construct an adapter for serial connections. RJ45 to DB-9 Adapter Pin-Out DB-9 Pin Signal...

  • Page 165: Physical And Environmental Parameters

    Hardware Specifications Chapter 4 Sourcefire 3D Sensor 9900 Specifications Physical and Environmental Parameters Physical and Environmental Parameters table describes the physical attributes and the environmental parameters for the appliance. Physical and Environmental Parameters Parameter Description Form Factor Dimensions (D x W x H) 20.0 x 16.93 x 3.5 (in inches) 50.8 x 43.0 x 8.9 (in centimeters) Copper NIC...

  • Page 166: Chapter 5: Restoring A 3D Sensor To Factory Defaults

    Chapter 5 Restoring a 3D Sensor to Factory Defaults The procedure for restoring a 3D Sensor to its original factory settings depends on the model you want to restore. WARNING! Restoring your appliance with the restore ISO file results in the loss of all configuration and event data on the appliance.

  • Page 167: Using An Iso File To Restore Your System

    Restoring a 3D Sensor to Factory Defaults Chapter 5 Using an ISO File to Restore Your System Using an ISO File to Restore Your System For some appliance models, Sourcefire provides an ISO file for restoring the appliance to its original factory settings. Different appliance models use different devices to store their restore image file.

  • Page 168: Obtaining The Restore Iso File

    Restoring a 3D Sensor to Factory Defaults Chapter 5 Using an ISO File to Restore Your System Obtaining the Restore ISO File You can obtain the restore ISO file for your appliance by downloading it from the Sourcefire Support site and copying it to a local storage device that is accessible to the appliance you are restoring.
  • Page 169 Restoring a 3D Sensor to Factory Defaults Chapter 5 Using an ISO File to Restore Your System To restore an appliance that uses a restore USB drive: Shut down the appliance using the system settings as described in the Sourcefire 3D System User Guide. Power down the appliance.

  • Page 170: Using An Internal Flash Drive

    Restoring a 3D Sensor to Factory Defaults Chapter 5 Using an ISO File to Restore Your System Using an Internal Flash Drive After you download the correct ISO restore file to a local storage device, you can continue with the process for restoring your appliance to its factory default settings.

  • Page 171: Completing The Restore Process

    Restoring a 3D Sensor to Factory Defaults Chapter 5 Using an ISO File to Restore Your System Power up the appliance. The appliance presents the following choices: 0. Load installer with standard console 1. Load installer with serial console Depending on how you connected to the appliance in step 4, select a display mode: •...
  • Page 172 Restoring a 3D Sensor to Factory Defaults Chapter 5 Using an ISO File to Restore Your System Configure the interface: • Static Select to configure a static IP address; a series of screens prompts you for the IP address, network mask, and default gateway for the interface you will use to copy the restore ISO file.
  • Page 173 Restoring a 3D Sensor to Factory Defaults Chapter 5 Using an ISO File to Restore Your System 3 Select Patches/SEUs Optionally, select to use the protocol and server established in step 4 and to inventory the server for patches and updates. WARNING! You must not change the names of the patch and update files.
  • Page 174 Restoring a 3D Sensor to Factory Defaults Chapter 5 Using an ISO File to Restore Your System Immediately press Enter to reboot the appliance. The appliance reboots and the LILO Boot Menu appears so that you can begin the second pass. Continue with step 6 in Using an Internal Flash Drive on page 170.

  • Page 175: Updating The Restore Usb Drive

    Restoring a 3D Sensor to Factory Defaults Chapter 5 Updating the Restore USB Drive Updating the Restore USB Drive The restore USB drive that is delivered with your 3D4500 or 3D6500 sensor model contains information that allows you to restore the sensor to its original factory defaults.

  • Page 176: Scrubbing The Contents Of The Hard Drive

    Restoring a 3D Sensor to Factory Defaults Chapter 5 Scrubbing the Contents of the Hard Drive Scrubbing the Contents of the Hard Drive If your appliance uses a restore USB drive or an internal flash drive to restore the system, you have the option to securely scrub the hard drive to ensure that its contents can no longer be accessed.

  • Page 177: Chapter 6: Safety And Regulatory Information

    Chapter 6 Safety and Regulatory Information Sourcefire appliances are delivered on multiple hardware platforms. General Safety Guidelines are applicable to all appliances. Regulatory Information for each appliance is described in its own section. Please read the following sections prior to installing the appliance and follow all guidelines when working with the appliance.
  • Page 178 Safety and Regulatory Information Chapter 6 General Safety Guidelines • Use a slow lifting force. Never move suddenly or twist when you attempt to lift. • Lift by standing or by pushing up with your leg muscles; this action removes the strain from the muscles in your back. Do not attempt to lift any objects that weigh more than 16 kg (35 lb) or objects that you think are too heavy for you.

  • Page 179: Safety Warning Statements

    Safety and Regulatory Information Chapter 6 Safety Warning Statements Safety Warning Statements Before installing this product, read the safety information in this section. Statement 1 DANGER! Electrical current from power, telephone, and communication cables is hazardous. To avoid a shock hazard: •...
  • Page 180 Safety and Regulatory Information Chapter 6 Safety Warning Statements Statement 2 CAUTION! When replacing the lithium battery, use only an equivalent type battery recommended by the manufacturer. If your system has a module containing a lithium battery, replace it only with the same module type made by the same manufacturer.
  • Page 181 Safety and Regulatory Information Chapter 6 Safety Warning Statements Statement 5 CAUTION! The power-control button on the device and the power switch on the power supply do not turn off the electrical current supplied to the device. The device also might have more than one power cord. To remove all electrical current from the device, ensure that all power cords are disconnected from the power source.

  • Page 182: Regulatory Information

    Keep away from moving fan blades. Regulatory Information The regulatory information for each of the appliances is described in its own section: • Sourcefire 3D Sensor 500/1000/2000 Information on page 183 • Sourcefire 3D Sensor 2100/2500/3500/4500 Information on page 184 •...

  • Page 183: Sourcefire 3D Sensor 500/1000/2000 Information

    Safety and Regulatory Information Chapter 6 Regulatory Information Sourcefire 3D Sensor 500/1000/2000 Information This appliance complies with the following electromagnetic compatibility (EMC) regulations: Federal Communications Commission (FCC) statement This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules.

  • Page 184: Sourcefire 3D Sensor 2100/2500/3500/4500 Information

    Safety and Regulatory Information Chapter 6 Regulatory Information United Kingdom telecommunications safety requirement This apparatus is approved under approval number OTICE TO USTOMERS NS/G/1234/J/100003 for indirect connection to public telecommunication systems in the United Kingdom. European Union EMC Directive conformance statement This product is in conformance with the protection requirements of European Council Directive EMC 2004/108/EC.

  • Page 185: Sourcefire 3D Sensor 6500/9900 Information

    Safety and Regulatory Information Chapter 6 Regulatory Information • EN61000-3-3 Voltage Flicker (Europe) • EN55022, Class A Limit (Australia/New Zealand) • VCCI Class A ITE (CISPR 22, Class A Limit) (Japan) • BSMI Approval, CNS 13438, Class A and CNS13436 Safety (Taiwan) •...

  • Page 186: Sourcefire 3D Sensor 7000 Series Information

    Safety and Regulatory Information Chapter 6 Regulatory Information Sourcefire 3D Sensor 7000 Series Information 3D7010/7020/7030 This product complies with the following standards: Emissions: • FCC, 47 CFR Part 15, Class A digital device • EN 55022:2010, Class A • EN 55024:2010 •...
  • Page 187 Safety and Regulatory Information Chapter 6 Regulatory Information 3D7110/7120 Safety and Regulatory Compliance (Continued) Regulation Description AS/NZS CISPR22:2022 Information Technology Equipment - Radio Disturbance Characteristics FCC, 47 CFR Part 15, Radio Frequency Devices – Subpart B – Class A digital device Unintentional Radiators ICES-003 Issue 4 –...
  • Page 188 Safety and Regulatory Information Chapter 6 Regulatory Information Chassis Designations 7000 Series Chassis Models table lists the chassis designations and Korean certification registration numbers for the 3D7110/7120 models. 7000 Series Chassis Models 3D Sensor Model Hardware Chassis Code Korean KC Certification Registration Number 3D7010/7020/7030 CHRY-1U-AC...

  • Page 189: Sourcefire 3D Sensor 8000 Series Information

    Safety and Regulatory Information Chapter 6 Regulatory Information Sourcefire 3D Sensor 8000 Series Information This product complies with the following safety standards: 8000 Series Safety and Regulatory Compliance Regulation Description IEC 60950-1 Safety of Information Technology Equipment UL/CSA 60950-1:2nd Safety of Information Technology Equipment Edition –...
  • Page 190 Safety and Regulatory Information Chapter 6 Regulatory Information 8000 Series Safety and Regulatory Compliance (Continued) Regulation Description EC Council Directive 2006/95/EC EC Council Directive Electromagnetic compatibility 2004/108/EC These Sourcefire units are also in conformity with: Directive 2002/95/EC, Restriction of Hazardous Substances (RoHS) Chassis Designations 8000 Series Chassis Models table lists the chassis designations for the...
  • Page 191 Safety and Regulatory Information Chapter 6 Regulatory Information Safety Notice for Taiwan Safety Notice for Japan Chassis Designations for Korea 8000 Series Chassis Models for Korea table lists the chassis designations for the 8000 Series models available in the Republic of Korea. Please note a blank (empty position) may be substituted for a network module for each slot listed.
  • Page 192 Safety and Regulatory Information Chapter 6 Regulatory Information 8000 Series Chassis Models for Korea (Continued) 3D Sensor Model Hardware Chassis Code Korean KC Network Module Configuration Certification Registration Number 3D8120 / 3D8130 / CHAS-1U-DC-0004 KCC-REM-SFi- Slot 1: SF-3D-CLST-MOD-0 3D8140 CHAS1UDC0004 (or blank) (DC power) Slot 2: NM-*R2-0 (or blank)

  • Page 193: Waste Electrical And Electronic Equipment Directive (Weee)

    Safety and Regulatory Information Chapter 6 Waste Electrical and Electronic Equipment Directive (WEEE) Waste Electrical and Electronic Equipment Directive (WEEE) Sourcefire is compliant with the Waste Electrical and Electronic Equipment Directive (WEEE), Directive 2002/96/EC, as amended by 2003/108/EC. European Union customers who wish to dispose of a Sourcefire product may send it to Sourcefire for proper disposal.

  • Page 194: Chapter 7: Power Requirements For Sourcefire 3D Sensors

    Chapter 7 Power Requirements for Sourcefire 3D Sensors The following section describes the power requirements for the Sourcefire 3D System 3D Sensor and related information: • Warnings and Cautions on page 194 • 3D7010/7020/7030 on page 195 • 3D7110/7120 on page 197 •...

  • Page 195: Static Control

    Power Requirements for Sourcefire 3D Sensors Chapter 7 3D7010/7020/7030 exposed OSP cabling. The addition of the primary protectors is not sufficient protection to connect these interfaces metallically to OSP wiring. Static Control Electrostatic discharge control procedures, such as using grounded wrist AUTION straps and an ESD work surface, must be in place before unpacking, installing, or moving the appliance.

  • Page 196: Grounding/Earthing Requirements

    Power Requirements for Sourcefire 3D Sensors Chapter 7 3D7010/7020/7030 Frequency Range The frequency range of the AC power supply is 47 Hz to 63 Hz. Frequencies outside this range may cause the appliance to not operate or to operate incorrectly. Power Cord The power connection on the power supply is an IEC C14 connector and accepts IEC C13 connectors.

  • Page 197: 3D7110/7120

    Power Requirements for Sourcefire 3D Sensors Chapter 7 3D7110/7120 3D7110/7120 The 3D7110/7120 (GERY-1U-8-AC) is suitable for installation by qualified personnel in network telecommunication facilities and locations where the National Electric Code applies. Note that this 3D Sensor is available only as an AC appliance. Sourcefire recommends that you save the packing materials in case a return is necessary.

  • Page 198: Grounding/Earthing Requirements

    Power Requirements for Sourcefire 3D Sensors Chapter 7 3D7110/7120 Voltage The power supplies will work with these voltages: 100VAC to 240VAC nominal (85VAC to 264VAC maximum). Use of voltages outside this range may cause damage to the appliance. Current The labeled current rating for each supply is: 10A maximum over the full range, per supply 5A maximum for 187VAC to 264VAC, per supply.

  • Page 199: 3D8120/8130/8140 And 3D8250/8260/8270/8290

    Power Requirements for Sourcefire 3D Sensors Chapter 7 3D8120/8130/8140 and 3D8250/8260/8270/8290 Ground Wire Requirements The ground wire must be sized sufficiently to handle the current of the circuit in case of a single fault. The size of the ground wire should be equal to the current of the breaker used to protect the circuit.
  • Page 200 Power Requirements for Sourcefire 3D Sensors Chapter 7 3D8120/8130/8140 and 3D8250/8260/8270/8290 Separate Circuit Installation If separate circuits are used, each one must be rated the full rating of the appliance. This configuration provides for circuit failure and power supply failure. Example: Each supply is attached to a different 220V circuit.

  • Page 201: Dc Installation

    Power Requirements for Sourcefire 3D Sensors Chapter 7 3D8120/8130/8140 and 3D8250/8260/8270/8290 DC Installation Separate circuits are required to create redundant power sources. Use an uninterruptible or battery-backed power source to prevent power status issues or power loss due to input line power glitches. Supply sufficient power to each power supply to run the entire appliance.

  • Page 202: Grounding/Earthing Requirements

    Power Requirements for Sourcefire 3D Sensors Chapter 7 3D8120/8130/8140 and 3D8250/8260/8270/8290 Recommended Terminals Power is connected to the DC supplies through screw terminals. Terminals must be UL approved. Terminals must have a hole supporting an M4 or a #8 screw. The maximum width of the terminal is 8.1mm (0.320”).
  • Page 203 Power Requirements for Sourcefire 3D Sensors Chapter 7 3D8120/8130/8140 and 3D8250/8260/8270/8290 The following illustration indicates the bonding locations on the 1U chassis. Bonding Locations The following illustration indicates the bonding locations on the 2U chassis. Bonding Locations Recommended Terminals You must use UL -Approved terminals for the ground connection. Ring terminals with a clearance hole for 4mm or #8 studs may be used.

  • Page 204: For Assistance

    Power Requirements for Sourcefire 3D Sensors Chapter 7 For Assistance For Assistance If you have any questions or require assistance with the Sourcefire 3D Sensor, please contact Sourcefire Support: • Visit the Sourcefire Support Site at https://support.sourcefire.com/. • Email Sourcefire Support at support@sourcefire.com. •...

This manual is also suitable for:

100020002500350045006500 ... Show all

Table of Contents