Cisco Security Manager

Cisco Security Manager 4.0

PB 586395

Cisco® Security Manager is an enterprise-class security management solution that helps organizations easily configure and troubleshoot any Cisco security deployment. Cisco Security Manager can be used to manage network services such as firewall, intrusion prevention system (IPS), and site-to-site virtual private network (VPN), as well as remote-access VPN services.

Cisco Security Manager supports security features on a wide range of Cisco devices, including firewalls, IPS sensors, integrated services routers (ISRs), and aggregation services routers (ASRs), as well as Cisco Catalyst® switches and service blades such as the Firewall Services Module (FWSM) and the Intrusion Detection System Services Module (IDSM).

Cisco Security Manager 4.0 is a major release that delivers integrated event management and enhanced troubleshooting tools. For more information, please visit http://www.cisco.com/go/csmanager.

New Features in Cisco Security Manager 4.0

• Enterprise-class integrated policy and event management for better control and visibility into security devices. Supports syslog messages for Cisco ASA appliances and Security Device Event Exchange (SDEE) events for Cisco IPS sensors.

• Easy troubleshooting of operational issues using intuitive, event-to-policy linkages, and tools such as Cisco Packet Tracer.

• Selective management of Cisco ASA appliance policies and detection of out-of-band (OOB) changes to enable Cisco Security Manager to operate in heterogeneous IT environments.

• Simplified policy definition paradigms for Cisco ASA appliances for Network Address Translation (NAT); global access rules for improved management efficiency.

• Enhanced support for Cisco's latest IPS and firewall features, including a Botnet Traffic Filter and a Global Threat Correlation engine, providing comprehensive threat response.

• Support for 32-bit and 64-bit versions of Microsoft Windows 2008.

• Bulk rediscovery of devices.

For details about the new features and benefits of Cisco Security Manager 4.0, see the Cisco Security Manager data sheet at: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps6498/data_sheet_c78-584863.html.

Cisco Security Manager 4.0 Hardware and Operating System Requirements

Cisco Security Manager 4.0 requires modern server hardware and software in order to deliver an optimized user experience. While some customers may be able to upgrade their existing Cisco Security Manager 3.x server to run Version 4.0, the majority of customers will benefit greatly by deploying Cisco Security Manager 4.0 on a modern server. Table 1 lists the requirements for Cisco Security Manager 4.0.

Table 1. Server Hardware and Software Requirements for Cisco Security Manager 4.0

| Recommended Server Hardware for Cisco Security Manager 4.0 | |
| --- | --- |
| Recommended server | Cisco UCS C200 |
| CPU | Intel Quadcore Xeon 5500 Series |
| Memory | 8 GB |
| HDD | 2 x 1 TB minimum |
| HDD partitioning | Windows + Cisco Security Manager: 500 GB; Log storage: 1.5 TB |
| HDD RAID | RAID 10 |
| Network adapter | 1 Gbps |
| Recommended Server Software | |
| Operating system | Windows 2008 Server R1, 64-bit |
| Disk optimization | Diskeeper 2010 Server |
| Antivirus | Real-time protection disabled |

Physical and eDelivery Licenses

Cisco Security Manager 4.0 and associated licenses are available for both physical and electronic delivery to customers. Customers can continue to order traditional physical delivery part numbers and will be shipped the appropriate DVD or paper license keys. In addition, a new eDelivery option is now available that enables customers to download Cisco Security Manager directly from Cisco.com and receive license keys via email. The eDelivery option can greatly reduce the time between the customer ordering and deploying Cisco Security Manager.

Cisco Security Manager Server Licenses

Cisco Security Manager 4.0 is available in two feature levels: Standard and Professional. Enterprise customers will greatly benefit from the scalability and broader device support offered by Cisco Security Manager 4.0 Professional. Meanwhile, small commercial customers will find Cisco Security Manager 4.0 Standard to be an exceptional value. Device managers such as Adaptive Security Device Manager (ASDM) for the Cisco ASA 5500 Series best serve small business customers who do not need to manage security policies across multiple devices. Table 2 lists basic part numbers for Cisco Security Manager 4.0 Standard and Professional.

Table 2. Part Numbers for Cisco Security Manager 4.0 Standard and Professional

| Physical Part Number | eDelivery Part Number | Description |
| --- | --- | --- |
| CSMST5-4.0-K9 | L-CSMST5-4.0-K9 | Cisco Security Manager 4.0 Standard - 5-Device License |
| CSMST10-4.0-K9 | L-CSMST10-4.0-K9 | Cisco Security Manager 4.0 Standard - 10-Device License |
| CSMST25-4.0-K9 | L-CSMST25-4.0-K9 | Cisco Security Manager 4.0 Standard - 25-Device License |
| CSMPR50-4.0-K9 | L-CSMPR50-4.0-K9 | Cisco Security Manager 4.0 Professional - 50-Device License |

Note: Device Count for Licensing

The management software consumes a device license for:

• Each added physical device

• Each added Cisco Catalyst 6500 Series services module

• Each security context

• Each virtual sensor

Advanced Inspection and Prevention Security Services Modules (AIP-SSMs), IDS Network Modules, and IPS Advanced Integration Modules (IPS AIMs) installed in the host device do not consume a license; however, additional virtual sensors (added after the first sensor) are counted.

In the case of a FWSM, the module itself consumes a license and then an additional license for each added security context. For example, an FWSM with two security contexts would consume three licenses: one for the module, one for the admin context, and one for the second security context. If the Cisco Catalyst chassis itself is added to Cisco Security Manager, it too will consume a license.

Device-counting logic in Cisco Security Manager 4.0 is the same as for Cisco Security Manager 3.x releases.

Cisco Security Manager Professional Incremental Device Licenses

Customers with large security estates can increase the number of devices supported by Cisco Security Manager Professional using incremental device licenses. (These licenses cannot be used with Cisco Security Manager Standard.) Incremental device licenses are stackable and several licenses may be activated on a single Cisco Security Manager Professional server. For instance, a Cisco Security Manager 4.0 Professional customer who also purchases CSMPR-LIC-100 will be able to manage a total of 150 devices. Incremental device licenses that were purchased for Cisco Security Manager 3.x will continue to work with Cisco Security Manager 4.0. Table 3 lists incremental part numbers.

Table 3. Incremental Part Numbers for Cisco Security Manager 4.0 Professional

| Physical Part Number | eDelivery Part Number | Description |
| --- | --- | --- |
| CSMPR-LIC-50 | L-CSMPR-LIC-50 | Cisco Security Manager 4.0 Professional - Incremental 50-Device License |
| CSMPR-LIC-100 | L-CSMPR-LIC-100 | Cisco Security Manager 4.0 Professional - Incremental 100-Device License |
| CSMPR-LIC-250 | L-CSMPR-LIC-250 | Cisco Security Manager 4.0 Professional - Incremental 250-Device License |

Please note that the CSMPR-LIC-500 and CSMPR-LIC-1000 licenses will be reaching end-of-sale status.

Upgrade Licenses

Existing Cisco Security Manager 3.x customers can upgrade to Cisco Security Manager 4.0 using the part numbers listed below. Please note that the upgrade from Version 3.x to Version 4.0 is not covered under the Cisco Software Application Support (SAS) Service. We highly encourage customers to stay current with Cisco Security Manager, as new feature and device support is only available in the latest release. Incremental device licenses purchased for Cisco Security Manager 3.x will continue to work with Cisco Security Manager 4.0. Table 4 lists part numbers for upgrading from Cisco Security Manager 3.x to Version 4.0.

Table 4. Part Numbers for Upgrading from Cisco Security Manager 3.x to Version 4.0

| Physical Part Number | eDelivery Part Number | Description |
| --- | --- | --- |
| CSMST5-U-4.0-K9 | L-CSMST5-U-4.0-K9 | Upgrade from Cisco Security Manager 3.x Standard to 4.0 Standard - 5-Device Limit |
| CSMST25-U-4.0-K9 | L-CSMST25-U-4.0-K9 | Upgrade from Cisco Security Manager 3.x Standard to 4.0 Standard - 25-Device Limit |
| CSMPR50-U-4.0-K9 | L-CSMST50-U-4.0-K9 | Upgrade from Cisco Security Manager 3.x Professional to 4.0 Professional |

Upgrading from Cisco Security Manager Standard to Professional

Occasionally, customers will find they have outgrown the capabilities of Cisco Security Manager Standard and will need to upgrade to Cisco Security Manager Professional. This is typical for customers who originally purchased Cisco Security Manager Standard but over time need to manage Catalyst security blades, or whose deployment grows beyond the 25-device limit of Cisco Security Manager Standard. Table 5 lists part numbers for upgrading from Cisco Security Manager Standard to Professional.

Table 5. Part Numbers for Upgrading from Cisco Security Manager Standard to Cisco Security Manager Professional

| Physical Part Number | eDelivery Part Number | Description |
| --- | --- | --- |
| CSMSTPR-U-4.0-K9 | L-CSMSTPR-U-4.0-K9 | Upgrade from Cisco Security Manager Standard 25-Device Limit to Cisco Security Manager Professional |

Please note that this license is not for upgrading from Cisco Security Manager 3.x to Version 4.0.

Cisco Security Manager Support Service Licenses

Customers are highly encouraged to purchase the appropriate Cisco Software Application Support (SAS) Service entitling them to receive technical support and minor software updates for Cisco Security Manager 4.0. See Table 6 for part numbers.

Table 6. Part Numbers for Cisco Security Manager Support Service Licenses

| Physical Part Number | eDelivery Part Number | Support Part Number |
| --- | --- | --- |
| CSMST5-4.0-K9 | L-CSMST5-4.0-K9 | CON-SAS-CSMST54 |
| CSMST10-4.0-K9 | L-CSMST10-4.0-K9 | CON-SAS-CSMST104 |
| CSMST25-4.0-K9 | L-CSMST25-4.0-K9 | CON-SAS-CSMST254 |
| CSMPR50-4.0-K9 | L-CSMPR50-4.0-K9 | CON-SAS-CSMPR504 |
| CSMPR-LIC-50 | L-CSMPR-LIC-50 | CON-SAS-CSMPRI50 |
| CSMPR-LIC-100 | L-CSMPR-LIC-100 | CON-SAS-CSMPRI1C |
| CSMPR-LIC-250 | L-CSMPR-LIC-250 | CON-SAS-CSMPR250 |
| CSMST5-U-4.0-K9 | L-CSMST5-U-4.0-K9 | CON-SAS-CSMST5U |
| CSMST25-U-4.0-K9 | L-CSMST25-U-4.0-K9 | CON-SAS-CSMST25U |
| CSMPR50-U-4.0-K9 | L-CSMPR50-U-4.0-K9 | CON-SAS-CSMPR40U |
| CSMSTPR-U-4.0-K9 | L-CSMSTPR-U-4.0-K9 | CON-SAS-CSMSTPRU |

Choosing the Right Cisco Security Manager License: New Customer Scenario

1. Selection of Cisco Security Manager Base Product Version

• If you need to manage Catalyst 6500 or FWSM/IDSM blades, choose CSMPR-50-4.0-K9 or its eDelivery version.

• Based on the number of devices you need to manage using Cisco Security Manager (after accounting for future growth prospects), obtain:

– CSMST5-4.0-K9 or its eDelivery version for networks of five or fewer devices.

– CSMST10-4.0-K9 or its eDelivery version for networks of 10 or fewer devices.

– CSMST25-4.0-K9 or its eDelivery version for networks of 25 or fewer devices.

– CSMPR50-4.0-K9 or its eDelivery version for larger networks. In addition, consider incremental licenses.

• If you obtained CSMST25-4.0-K9 but need to manage Catalyst switches or blades, or need to manage more than 25 devices, obtain CSMSTPR-U-4.0-K9 or its eDelivery version to upgrade to the Professional version of the product.

2. Incremental licenses allow you to manage more devices. Based on the size of the network you need to manage, obtain:

• CSMPR-LIC-50 or its eDelivery version to add management of 50 additional devices.

• CSMPR-LIC-100 or its eDelivery version to add management of 100 additional devices.

• CSMPR-LIC-250 or its eDelivery version to add management of 250 additional devices.

• For larger networks:

– Purchase multiple units of incremental licenses if you want to install these on the same Cisco Security Manager server.

– Purchase base licenses and/or incremental licenses if you want to install multiple Cisco Security Manager servers to obtain better performance.

3. In addition to the base and incremental licenses, you must purchase equivalent support contracts.

Choosing the Right Cisco Security Manager License: Existing Customer Scenario

1. When you are ready to upgrade from Cisco Security Manager 3.x to Cisco Security Manager 4.0, obtain:

• CSMST5-U-4.0-K9 or its eDelivery version if you currently own CSMST5-3.3-K9 or a similar license for earlier 3.x versions.

• CSMST25-U-4.0-K9 or its eDelivery version if you currently own CSMST25-3.3-K9 or a similar license for earlier 3.x versions.

• CSMPR50-U-4.0-K9 or its eDelivery version if you currently own CSMPR50-3.3-K9 or a similar license for earlier 3.x versions.

2. Any incremental licenses you already own for Cisco Security Manager 3.x will be applicable for Cisco Security Manager 4.0. You do not need to obtain new incremental licenses to manage the same number of devices. If you intend to enable event management for larger networks, you may need to deploy multiple Cisco Security Manager servers, which involves obtaining additional base product licenses.

3. Cisco Security Manager 3.x support contracts will not support Cisco Security Manager 4.0. You may need to purchase a Cisco Security Manager 4.0-specific support contract. Once the production system is completely transitioned to Cisco Security Manager 4.0, you may choose to discontinue Cisco Security Manager 3.x support.

Cisco Services

Cisco takes a lifecycle approach to services and, with its partners, provides a broad portfolio of security services so enterprises can design, implement, operate, and optimize network platforms that defend critical business processes against attack and disruption, protect privacy, and support policy and regulatory compliance controls.
Cisco services help you protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. For more information about Cisco services, visit: http://www.cisco.com/en/US/products/svcs/ps2961/ps2952/serv_group_home.html

Cisco Security Intelligence Operations (SIO) service provides a central location for early warning threat and vulnerability intelligence and analysis, Cisco IPS signatures, and mitigation techniques. Visit and bookmark Cisco SIO at http://www.cisco.com/security.

Cisco Security IntelliShield Alert Manager Service provides a customizable, web-based threat and vulnerability alert service that allows organizations to easily access timely, accurate, and credible information about potential vulnerabilities in their environment.

Cisco Software Application Support (SAS) Service keeps Cisco Security Manager up and running with around-the-clock access to technical support and software updates.

Cisco Security Optimization Service helps organizations maintain peak network health. The network infrastructure is the foundation of an agile and adaptive business. The Cisco Security Optimization Service supports the continuously evolving security system to meet ever-changing security threats through a combination of planning and assessments, design, performance tuning, and ongoing support for system changes.

Cisco Security Manager software is eligible for technical support service coverage under a Cisco SAS service agreement, which features:

• Unlimited access to the Cisco Technical Assistance Center (TAC) for award-winning support. Technical assistance is provided by Cisco software application experts trained in Cisco security software applications. Support is available 24 hours a day, 7 days a week, 365 days a year worldwide.

• Registered access to Cisco.com, a robust repository of application tools and technical documents that can assist you in diagnosing network security problems, understanding new technologies, and staying current with innovative software enhancements. Utilities, white papers, application design data sheets, configuration documents, and case management tools help expand your in-house technical capabilities.

• Access to application software bug fixes and maintenance, as well as minor software releases.

Customers requiring Cisco technical support and minor updates to Cisco Security Manager will need to purchase a Cisco SAS service agreement.

Availability

Customers can purchase Cisco Security Manager 4.0 through regular sales channels after the first customer shipment of the product. The product is also available for evaluation by downloading it from http://www.cisco.com/go/csmanager or by ordering an evaluation kit from the Collateral and Subscriptions Store at Cisco Marketplace at http://www.cisco.com/pcgi-bin/marketplace/welcome.pl.

For More Information

For more information about Cisco Security Manager 4.0, visit http://www.cisco.com/go/csmanager, contact your account manager or a Cisco Authorized Technology Provider, or send an email to ask-csmanager@cisco.com.