Q. What is CiscoWorks VPN/Security Management Solution (VMS)?
A. CiscoWorks VMS is an integral part of the SAFE Blueprint from Cisco
® and combines Web-based tools for configuring, monitoring, and troubleshooting:
• Network Intrusion Detection Systems (IDSs)
• Host-based Intrusion Prevention Systems (IPSs)
• Router based IPS
CiscoWorks VMS is an integrated security management solution that addresses the needs of both small- and large-scale VPN and security deployments by helping to protect productivity gains and reduce operating costs. Unlike point security products from multiple vendors that can leave vulnerable gaps, CiscoWorks VMS provides a comprehensive solution that ties separate security and VPN technologies into a single secure network.
Q. What features are new in CiscoWorks VMS 2.3?
A. Each function of CiscoWorks VMS has been enhanced: firewall management, VPN management, IDS and IPS management, security monitoring, and performance management. Specific details are listed in datasheets for each function and can be viewed at:
Other enhancements include a simplified installation.
Q. What are the component versions in the latest CiscoWorks VMS software?
A. The latest CiscoWorks VMS 2.3 software CD includes the component versions shown in Table 1.
Table 1. Component Versions
Common Services with Service Pack 3
CiscoWorks Management Center for Firewalls
Auto Update Server software
CiscoWorks Management Center for VPN Routers
CiscoWorks Management Center for IDS Sensors
CiscoWorks Monitoring Center for Security
CiscoWorks Monitoring Center for Performance
CiscoWorks Management Center for Cisco Security Agents
4.03 or later
CiscoWorks Resource Manager Essentials (RME)
Later versions of modules can be released on the Cisco web site before the CiscoWorks VMS media kit is updated. It is advisable for customers with a SAS or SASU service contract to check the website before starting installation from the media kit.
Q. How can I check for updates to CiscoWorks VMS?
A. Cisco periodically posts functional and maintenance updates to
Cisco.com. Go to:
Q. What is the status of the CiscoWorks VPN Monitor tool?
A. Cisco announced that the CiscoWorks VPN Monitor, which had shipped with CiscoWorks VMS 2.2, was the final release of the tool. The new CiscoWorks Monitoring Center for Performance tool has enhanced functions for VPN monitoring and is the replacement tool in CiscoWorks VMS 2.3.
Q. Which security devices does CiscoWorks VMS support?
A. CiscoWorks VMS supports configuration management for Cisco PIX
® firewalls, Cisco IOS
® routers, Cisco Catalyst 6500 series security modules, Cisco security agents, and Cisco IDS devices.
Q. Does CiscoWorks VMS support Solaris and Windows?
A. CiscoWorks VMS 2.3 supports Windows for all components. Solaris support is available on all components except the management console for Cisco Security Agent.
Q. Can CiscoWorks VMS 2.3 be installed on a Windows 2003?
A. It is not supported by Cisco with this release.
Q. What are the license requirements?
A. Registering CiscoWorks Common Services Software activates the management centers that use common services, including CiscoWorks Management Center for Firewalls, CiscoWorks Management Center for IDS Sensors, and CiscoWorks Management Center for VPN Routers. Without registering and installing a key, these applications expire in 90 days. The license key for Cisco Security Agent MC is included with the software but has to be installed. For further information, refer to Registration and Licensing Notes for CiscoWorks Common Services 2.3.
Note: CiscoWorks VMS 2.3 includes licenses for three Cisco Security Agent server agents. These agents are used to protect the CiscoWorks VMS 2.3 servers. Additional agent licenses are purchased separately from CiscoWorks VMS.
Q. Can I use an older CiscoWorks VMS 2.x license for VMS 2.3?
A. Yes. You can import the CiscoWorks VMS 2.x license into the new VMS 2.3 install.
Q. I have an earlier version of CiscoWorks VMS 2.x. Do I get a free VMS 2.3 upgrade?
A. If you purchased CiscoWorks VMS 2.x Software Application Support (SAS) or the SAS plus Upgrades (SASU) service, you can obtain CiscoWorks VMS 2.3 at no additional charge. Refer to your contract number when requesting minor updates at:
Q. Where can I find the CiscoWorks VMS 2.3 Evaluation software?
A. Evaluation software is on the CiscoWorks VMS
CiscoWorks VMS Software Center (registered customers only) download page. You can order a 90-day evaluation CD from your Cisco sales representative.
Q. Is the CiscoWorks VMS 2.3 Evaluation version on Cisco.com a full version of VMS 2.3?
A. No. It does not contain CiscoWorks RME.
Q. How can I order the complete version of CiscoWorks VMS 2.3?
A. Customers can purchase this new product through their regular sales channels. Customers with CiscoWorks VMS 2.x with current SAS or SASU contracts can request a CiscoWorks VMS 2.3 minor update kit with their contract number using the
Product Upgrade Tool (registered customers only).
Q. Which management tools are recommended for small deployments?
A. The Cisco PIX Device Manager, IDS Device Manager, and Security Device Manager are embedded device managers that can configure on a single device basis. These device managers are intended for smaller environments. CiscoWorks VMS can be used for environments that require more scalability.
Q. What are the recommended deployment guidelines for CiscoWorks VMS?