Guest

CiscoWorks Management Center for Firewalls

CiscoWorks Management Center for Firewalls Datasheet

  • Viewing Options

  • PDF (44.1 KB)
  • Feedback
DATA SHEET

Management software for the configuration of Cisco PIX firewalls and Cisco Catalyst 6500 Series Firewall Services Module

PRODUCT OVERVIEW

The CiscoWorks Management Center for Firewalls and CiscoWorks Auto Update Server Software provide manageability for the Cisco ® firewall product line. The CiscoWorks Management Center for Firewalls features the "look and feel" of the Cisco PIX ® Device Manager but offers centralized management scalability of up to 1000 Cisco firewalls.
CiscoWorks Management Center for Firewalls and CiscoWorks Auto Update Server Software are components of the CiscoWorks VPN/Security Management Solution (VMS). VMS is an integral part of the SAFE Blueprint from Cisco and combines Web-based tools for configuring, monitoring, and troubleshooting:

• VPNs

• Firewalls

• Network Intrusion Detection Systems (IDSs)

• Host-based Intrusion Prevention Systems (IPSs)

• Router-based IPSs

CiscoWorks VMS is an integrated security management solution that addresses the needs of both small- and large-scale VPN and security deployments by helping protect productivity gains and reduce operating costs. Unlike point security products from multiple vendors that can leave vulnerable gaps, CiscoWorks VMS provides a comprehensive solution that ties separate security and VPN technologies into a single secure network.

Intended Use

The CiscoWorks Management Center for Firewalls provides centralized management of access rules, Network Address Translation (NAT), intrusion detection, and VPN on Cisco firewalls. It supports centralized management of nearly any Cisco firewall security network including remote access; demilitarized zone (DMZ); small office or home office (SOHO); voice, storage, and wireless networks; Internet security; and management security provider scenarios.

New Features

CiscoWorks Management Center for Firewalls 1.3.3 is the follow-on version of the CiscoWorks Management Center for Firewalls 1.3: New features in 1.3.3 include:

• Cisco PIX Firewall Software 6.3.4

• Authentication, authorization, and accounting (AAA) fallback

• Cisco Catalyst® 6500 Series Firewall Services Module (FWSM) 2.2

• Virtual Firewalls (Security Context)

• Transparent Firewall (Layer 2 Firewall)

• Policy NAT

• Policy Query

• Site-to-Site VPN

• Easy VPN Server

FEATURES AND BENEFITS

The CiscoWorks Management Center for Firewalls provides unique and robust scalability with these features:

• Smart Rules hierarchy and inheritance

• User-defined device and customer groups including nesting

• Global role-based access (RBAC) with administrative privileges per device and customer groups with CiscoWorks products and Cisco Secure Access Control Server (ACS)

• Mandatory and default device settings inheritance

• Workflow deployment to device, directory, or CiscoWorks Auto Update Server Software

• Look and feel of Cisco PIX Device Manager but with scalability to 1000 Cisco firewalls

• Web GUI

• Integration of market-leading management features from other CiscoWorks products

• Complete SAFE Blueprint from Cisco coverage for centralized management of Cisco PIX firewall and Cisco Catalyst 6500 Series FWSM including access control, VPNs, IDSs, and AAA

• Reduction in total configuration time

• Reduction in manual configuration errors

• Automatic update of remote firewall configurations and operating systems

• Automatic and periodic verification of remote firewall configurations

Smart Rules

Smart Rules is an innovative feature that allows common information, including access rules and settings, to be inherited for all firewalls in a device or customer group. Smart Rules allows a user to define common rules only one time, and then apply these rules to all firewalls, reducing configuration time and administrative errors. Smart Rules offers powerful device scalability. Smart Rules can be defined on a device or customer group.

Granular Administrative Privileges for Customer and Device Groups

The CiscoWorks Management Center for Firewalls allows users to separate devices by geography, customer, device type, or any other mechanism. The CiscoWorks Management Center for Firewalls supports multiple administrators. Administrative privileges can be defined on a device or customer group. Basic administrative privileges include the five roles defined in the CiscoWorks desktop. Administrative privileges can be defined within Cisco ACS to allow granular administrative privileges so that a customer can view their own firewall configurations but not those of another customer.

Benefits of CiscoWorks Management Center for Firewalls

The CiscoWorks Management Center for Firewalls, like other CiscoWorks products, supports flexible configuration deployment to a device, file directory, or CiscoWorks Auto Update Server Software. The CiscoWorks Management Center for Firewalls features the "look and feel" of the single-firewall Cisco PIX Device Manager. It offers the usability of Cisco PIX Device Manager combined with the scalability of centralized management for up to 1000 Cisco firewalls.
The CiscoWorks Management Center for Firewalls incorporates an easy-to-use Web GUI and secure configuration and distribution with Secure Sockets Layer (SSL) and secure digital certificates. The CiscoWorks Management Center for Firewalls supports scalability features from CiscoWorks LAN Management Solution (LMS) and Routed WAN Management Solution (RWAN) that facilitate LAN and WAN deployments of more than 20,000 devices. CiscoWorks features supported by the CiscoWorks Management Center for Firewalls include an approval flow, device list from CiscoWorks Resource Manager Essentials (RME), rollback, and activity and job management.

PRODUCT SPECIFICATIONS

Table 1 lists the primary specifications supported.

Table 1. Product Specifications

Product Compatibility

Cisco PIX 501, 506, 506E, 515, 515E, 525, and 535 firewalls; and the Cisco Catalyst 6500 Series FWSM

Software Compatibility

Cisco PIX 6.0, 6.1, 6.2.x, 6.3.x, FWSM 1.1.x, 1.2.x, and 2.2.x

Protocols

SSL

Memory

Refer to CiscoWorks VMS 2.3 deployment guide

SYSTEM REQUIREMENTS

For comprehensive hardware and operating requirements see the CiscoWorks VMS overview at: http://www.cisco.com/go/vms.

ORDERING INFORMATION

The CiscoWorks Management Center for Firewalls is a featured component of CiscoWorks VMS. For ordering details refer to the CiscoWorks VMS product bulletin at http://www.cisco.com/go/vms.

SERVICE AND SUPPORT

Cisco Systems ® offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare the network for new applications to extend network intelligence and the power of your business. For more information about Cisco services, see Cisco Technical Support Services or Cisco Advanced Services.

FOR MORE INFORMATION

For more information about the CiscoWorks Management Center for Firewalls, visit: http://www.cisco.com/go/vms, contact your local account representative, or send e-mail to: ciscoworks@cisco.com.
Text Box:  Corporate HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-4000	800 553-NETS (6387)Fax:	408 526-4100	European HeadquartersCisco Systems International BVHaarlerbergparkHaarlerbergweg 13-191101 CH AmsterdamThe Netherlandswww-europe.cisco.comTel:	31 0 20 357 1000Fax:	31 0 20 357 1100	Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-7660Fax:	408 527-0883	Asia Pacific HeadquartersCisco Systems, Inc.168 Robinson Road#28-01 Capital TowerSingapore 068912www.cisco.comTel: +65 6317 7777Fax: +65 6317 7799Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed onthe Cisco Web site at www.cisco.com/go/offices.Argentina · Australia · Austria · Belgium · Brazil · Bulgaria · Canada · Chile · China PRC · Colombia · Costa Rica · Croatia · Cyprus · Czech Republic · Denmark · Dubai, UAE · Finland · France · Germany · Greece · Hong Kong SAR · Hungary · India · Indonesia · Ireland · Israel · Italy · Japan · Korea · Luxembourg · Malaysia · Mexico · The Netherlands · New Zealand · Norway · Peru · Philippines · Poland · Portugal · Puerto Rico · Romania · Russia · Saudi Arabia · Scotland · Singapore · Slovakia · Slovenia · South Africa · Spain · Sweden · Switzerland · Taiwan · Thailand · Turkey · Ukraine · United Kingdom · United States · Venezuela · Vietnam · ZimbabweCopyright  2004 Cisco Systems, Inc. All rights reserved. CCIP, CCSP, the Cisco Powered Network mark, Cisco Unity, Follow Me Browsing, FormShare, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MGX, MICA, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus, Stratm, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0402R)	204105.24_ETMG_LF_12.04Printed in the USA Text Box:  Corporate HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-4000	800 553-NETS (6387)Fax:	408 526-4100	European HeadquartersCisco Systems International BVHaarlerbergparkHaarlerbergweg 13-191101 CH AmsterdamThe Netherlandswww-europe.cisco.comTel:	31 0 20 357 1000Fax:	31 0 20 357 1100	Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-7660Fax:	408 527-0883	Asia Pacific HeadquartersCisco Systems, Inc.168 Robinson Road#28-01 Capital TowerSingapore 068912www.cisco.comTel: +65 6317 7777Fax: +65 6317 7799Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed onthe Cisco Web site at www.cisco.com/go/offices.Argentina · Australia · Austria · Belgium · Brazil · Bulgaria · Canada · Chile · China PRC · Colombia · Costa Rica · Croatia · Cyprus · Czech Republic · Denmark · Dubai, UAE · Finland · France · Germany · Greece · Hong Kong SAR · Hungary · India · Indonesia · Ireland · Israel · Italy · Japan · Korea · Luxembourg · Malaysia · Mexico · The Netherlands · New Zealand · Norway · Peru · Philippines · Poland · Portugal · Puerto Rico · Romania · Russia · Saudi Arabia · Scotland · Singapore · Slovakia · Slovenia · South Africa · Spain · Sweden · Switzerland · Taiwan · Thailand · Turkey · Ukraine · United Kingdom · United States · Venezuela · Vietnam · ZimbabweCopyright  2004 Cisco Systems, Inc. All rights reserved. CCIP, CCSP, the Cisco Powered Network mark, Cisco Unity, Follow Me Browsing, FormShare, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MGX, MICA, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus, Stratm, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0402R)	204105.24_ETMG_LF_12.04Printed in the USA