Guest

Cisco Security Manager

Cisco Security Manager 3.01

  • Viewing Options

  • PDF (166.8 KB)
  • Feedback

Product Bulletin No. 3215

Cisco Systems® announces the availability of Cisco® Security Manager 3.01

Cisco Security Manager is part of the Cisco Security Management Suite, which delivers comprehensive policy administration and enforcement for the Cisco Self-Defending Network. The suite also includes the Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS), which can be purchased separately. Unlike point security products from multiple vendors, which often do not work together and can leave vulnerable gaps, the Cisco Security Management Suite provides a comprehensive solution for provisioning, monitoring, and mitigation to keep networks safer, more resilient, and easier to operate.

Cisco Security Manager is an industry-leading enterprise-class application for managing security. Cisco Security Manager addresses configuration management of firewall, VPN, and intrusion prevention system (IPS) security services across Cisco routers, security appliances, and security services modules. For a summary of Cisco Security Manager features and benefits, refer to the Cisco Security Manager 3.01 data sheet at http://www.cisco.com/go/csmanager.

LICENSING

Cisco Security Manager has three base versions:

• Cisco Security Manager Enterprise Edition (Standard-5)

• Cisco Security Manager Enterprise Edition (Standard-25)

• Cisco Security Manager Enterprise Edition (Professional-50)

The Standard versions provide management for 5 and 25 devices, respectively. The Professional version includes support for 50 devices and supports incremental device license packages available in increments of 50, 100, 500, and 1000 devices. The Professional version includes support for the management of Cisco Catalyst ® 6500 Series switches and associated services modules; the Standard versions do not include this support.

Table 1. Cisco Security Manager Part Numbers

Product Part Number

Product Description

Software Application Support
(SAS) Service

To receive technical support and future minor software updates

CSMST5-3.0-K9

Cisco Security Manager 3.01 Enterprise Standard-5 Media Kit: 5-Device Limit

CON-SAS-CSMST5-3

CSMST25-3.0-K9

Cisco Security Manager 3.01 Enterprise Standard-25 Media Kit: 25-Device Limit

CON-SAS-CSMST253

CSMPR50-3.0-K9

Cisco Security Manager 3.01 Enterprise Professional-50 Media Kit: 50-Device
Base License

CON-SAS-CSMPR-3

CSMPR-LIC-50

Cisco Security Manager Enterprise Professional: Incremental 50-Device License

CON-SAS-CSMPRI50

CSMPR-LIC-100

Cisco Security Manager Enterprise Professional: Incremental 100-Device License

CON-SAS-CSMPRI1C

CSMPR-LIC-500

Cisco Security Manager Enterprise Professional: Incremental 500-Device License

CON-SAS-CSMPRI5C

CSMPR-LIC-1000

Cisco Security Manager Enterprise Professional: Incremental 1000-Device License

CON-SAS-CSMPRI1K

CSMST-CSMPR-UPG-K9

Cisco Security Manager Enterprise Upgrade from Standard-25 to Professional-50

CON-SAS-CSMPR-3

(Replaces standard 25 if on existing support agreement)

VMS-CSMST5-UPG-K9

Upgrade from any CiscoWorks VMS license to Cisco Security Manager 3.01 Enterprise Standard-5 Media Kit: 5-Device Limit

CON-SAS-CSMST5-3

VMS-CSMST25-UPG-K9

Upgrade from any CiscoWorks VMS license to Cisco Security Manager 3.01 Enterprise Standard-25 Media Kit: 25-Device Limit

CON-SAS-CSMST253

VMS-CSMPR-UPG-K9

Upgrade from any CiscoWorks VMS license to Cisco Security Manager 3.01 Enterprise Professional Media Kit: 50-Device Base License

CON-SAS-CSMPR-3

Note: The management software will consume a device license for:
- Each added physical device
- Each added Cisco Catalyst 6500 Series Security Services Module
- Each security context for a firewall

The license allows the use of the software on a single server. A standby Cisco Security Manager server does not require a separate license if only one server is active at any one time.

Migration Options from CiscoWorks VPN/Security Management Solution

Cisco is not adding support for new features and new devices in CiscoWorks VPN/Security Management Solution (CiscoWorks VMS) after the release of Cisco Security Manager. Furthermore, support for devices such as Cisco ASA 5500 Series Adaptive Security Appliances is only be available with Cisco Security Manager. Customers that require provisioning for Cisco firewalls, VPNs, and IPSs will want to plan their migration to take advantage of significant enhancements in the new software.
Customers with a current Cisco Software Application Support (SAS) service or Software Application Support plus Upgrades (SASU) service for CiscoWorks VMS are entitled to a defined device license for Cisco Security Manager at no additional charge. The value of the new license is higher than the cost of the original CiscoWorks VMS purchase. Customers with a current CiscoWorks VMS Basic license that have a Cisco SMARTnet ® contract, or a Cisco Services for IPS contract with selected IPS hardware, can also upgrade to Cisco Security Manager. See Tables 2 to 4 for the upgrade licenses that can be requested at no additional cost from http://www.cisco.com/upgrade. The appropriate upgrade option will be visible on the Website if you have an eligible service contract with an existing CiscoWorks VMS license.

Note: All no charge and discounted offers to upgrade from CiscoWorks VMS to Cisco Security Manager will be discontinued after April 2, 2007.

Table 2. Cisco Security Manager 3.01 Migration Options for CiscoWorks VMS Restricted Licenses

You currently have a CiscoWorks VMS Restricted license that has been obtained with any one of the following:

• CWVMS-2.3-R-K9
• CWVMS-2.3-RUP-K9
• CWVMS-2.2-WINR-K9
• CWVMS-2.2-WUPGR-K9
• CWVMS-2.1-WINR-K9
• CWVMS-2.1-WUPGR-K9
• CWVMS-2.0-WINR-K9
• CWVMS-2.0-WUPGR-K9

How to get Cisco Security Manager 3.01?

If you have a CiscoWorks VMS service contract:

• You may request a license and media kit at no cost from the Cisco Product Upgrade Tool at http://www.cisco.com/upgrade.
• Customers with CiscoWorks VMS SAS service will be offered a Cisco Security Manager Standard license to manage 25 devices. The product part number is CSMST25-3.0-K9. Also order the associated service CON-SAS-CSMST253 to receive technical support and future minor software updates.
• Customers with CiscoWorks VMS SASU service will be offered a Cisco Security Manager Professional license to manage 50 devices. The product part number is CSMPR50-3.0-K9. The associated service is CON-SAS-CSMPR-3.

If you do not have a CiscoWorks VMS service contract, you may order one of the following discounted upgrade options from Table 1:

• VMS-CSMST5-UPG-K9
• VMS-CSMST25-UPG-K9
• VMS-CSMPR-UPG-K9

Table 3. Cisco Security Manager 3.01 Migration Options for CiscoWorks VMS Unrestricted Licenses

You currently have a CiscoWorks VMS Unrestricted license that was obtained with any of the following:

• CWVMS-2.3-UR-K9
• CWVMS-2.3-URUP-K9
• CWVMS-2.2-UR-K9
• CWVMS-2.2-UPGUR-K9
• CWVMS-2.1-UR-K9
• CWVMS-2.1-URC-K9
• CWVMS-2.1-UPGUR-K9
• CWVMS-2.0-UR-K9
• CWVMS-2.0-URC-K9
• CWVMS-2.0-UPGUR-K9

How to get Cisco Security Manager 3.01?

If you have a CiscoWorks VMS service contract:

• You may request a license and media kit at no cost from the Cisco Product Upgrade Tool at http://www.cisco.com/upgrade.
• Customers with CiscoWorks VMS SAS service will be offered a Cisco Security Manager Enterprise Professional license to manage 50 devices. The product part number is CSMPR50-3.0-K9. Also order the associated service CON-SAS-CSMPR-3 to receive technical support and future minor software updates.
• Customers with CiscoWorks VMS SASU service will be provided with a Cisco Security Manager Enterprise Professional license to manage 150 devices. The product part number is VMSU-CSMPR-UPG-K9. The associated service to order is CON-SAS-CSM3P150.

If you do not have a CiscoWorks VMS service contract, you may order one of the following discounted upgrade options from Table 1:

• VMS-CSMST5-UPG-K9
• VMS-CSMST25-UPG-K9
• VMS-CSMPR-UPG-K9

Table 4. Cisco Security Manager 3.01 Migration Options for CiscoWorks VMS Basic Licenses

You currently have a CiscoWorks VMS Basic license that was obtained with one of the following IPS hardware options:

• NM-CIDS-K9
• 2600 NET MODS
• NETWORK MODS OPT
• 3725 NETWK MODS
• 2691 NM OPT
• 3745 NETWK MODULES
• 2650 XM NET MODS
• 2800 NET MODS
• 2851 NET MODS
• 2821 NET MODS
• 3845 NET MODS
• 3825 NET MODS
• NM-CIDS-K9=
• IDS-4235-K9
• IDS-4250-TX-K9
• IDS-4250-SX-K9
• IDS-4250-XL-K9
• IDS-4215-K9
• IDS-4215-4FE-K9
• IDS4215-CSA-BUN-K9
• IPS-4240-K9
• IPS-4255-K9
• PIX515E-DMZ-CSA-K9
• IDS-4215-4FE-NFR
• IPS-4240-DC-K9
• IDS4215-NFR-4FE-K9
• ASA5520-AIP10-K9
• ASA5530-AIP20-K9
• ASA5520-AIP20-K9
• ASA5510-AIP10-K9
• ASA5540-AIP20-K9
• ASA5510-AIP-NFR-K9
• ASA5520-AIP-NFR-K9
• ASA5510-AIP10-DCK9
• ASA5510-AIP10-K8
• ASA5520-AIP10-K8
• ASA5520-AIP20-K8
• ASA5540-AIP20-K8

How to get Cisco Security Manager 3.01?

If you have an eligible Cisco Services for IPS or Cisco SMARTnet contract:

• You may request a license and media kit at no cost from the Cisco Product Upgrade Tool at http://www.cisco.com/upgrade.
• Customers will be offered a Cisco Security Manager 3.01 Enterprise Standard license to manage five devices. The product part number is CSMST5-3.0-K9. Also order the associated service CON-SAS-CSMST5-3 to receive technical support and future minor software updates.
• The free upgrade is available until April 2, 2007.

If you are not eligible, you can order one of the following discounted upgrade options from Table 1:

• VMS-CSMST5-UPG-K9
• VMS-CSMST25-UPG-K9
• VMS-CSMPR-UPG-K9

Migration for Customers Using Cisco Security Agents and Security Monitoring

• Cisco Security Manager does not include Cisco Security Agent management software. Existing CiscoWorks VMS customers that are using the Management Center for Cisco Security Agent 4.5 or 5.0 software should continue using these versions.

• The migration to a later version of Cisco Security Agent software will be announced at the appropriate time on http://www.cisco.com/go/csa. Customers that have purchased the Cisco Security Agent starter kit with SASU can request a free upgrade to a later version of Cisco Security Agent from http://www.cisco.com/upgrade when it is available.

• If provisioning for Cisco firewalls, VPNs, and network IPSs is also required, install Cisco Security Manager on a separate server. The Management Center for Cisco Security Agent software cannot coexist on the same server.

• Cisco Security Manager does not include security monitoring. CiscoWorks VMS customers that are using the Monitoring Center for Security software (Sec Mon) may consider using the Cisco Security MARS product, which offers substantially more features and enhancements for monitoring and mitigation of threats. More product details can be found at http://www.cisco.com/go/mars. Customers may also consider the Cisco IPS Event Viewer tool, which is provided at no additional cost. The Cisco IPS Event Viewer will monitor up to five Cisco IPS devices. The software is easy to set up and use. More information about the Cisco IPS Event Viewer is available at http://www.cisco.com/go/ips.

SERVICE OPTIONS

Cisco offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. For more information about Cisco services, visit http://www.cisco.com/go/services/security.
Cisco Security Manager software is eligible for technical support service coverage under a Cisco SAS service agreement, which features:

• Unlimited access to the Cisco Technical Assistance Center for award-winning support. Technical assistance is provided by Cisco software application experts who are trained in Cisco security software applications. Support is available 24 hours per day, 7 days per week, 365 days per year worldwide.

• Registered access to Cisco.com, a robust repository of application tools and technical documents to assist in diagnosing network security problems, understanding new technologies, and staying current with innovative software enhancements. Utilities, white papers, application design data sheets, configuration documents, and case management tools help expand your in-house technical capabilities.

• Access to application software bug fixes and maintenance and minor software releases.

Customers requiring Cisco technical support and minor updates to Cisco Security Manager will need to purchase a Cisco SAS service contract. Table 1 lists the SAS part numbers. Tables 2, 3, and 4 also help you select the correct SAS part numbers if upgrading from CiscoWorks VMS.

AVAILABILITY

Customers can purchase this new product through their regular sales channels. The product is also available for downloading from http://www.cisco.com/go/csmanager.

FOR MORE INFORMATION

For more information about Cisco Security Manager 3.01, visit http://www.cisco.com/go/csmanager, contact your account manager or a Cisco authorized partner, or send e-mail to ask-csmanager@cisco.com.