Cisco Security Manager

Cisco Security Manager 4.1 FAQ

  • Viewing Options

  • PDF (225.3 KB)
  • Feedback
Q. What is Cisco ® Security Manager?
A. Cisco Security Manager is an enterprise-class management application that provides insight into, and control of, Cisco network and security devices. Cisco Security Manager offers comprehensive security management (configuration, event and report management) across a wide range of Cisco security appliances, including Cisco ASA Adaptive Security Appliances, IPS Sensor Appliances, Integrated Services Routers, Firewall Services Modules, and Cisco Catalyst 6000 Series Switches. Cisco Security Manager allows you to efficiently manage networks of all sizes—from small business networks to those consisting of hundreds of devices.
Q. Who should deploy Cisco Security Manager?
A. Cisco Security Manager is designed to meet the security management needs of small to large enterprise environments that use Cisco network and security devices. Cisco Security Manager is not geared specifically for service provider environments. Typically, security administrators managing firewalls, VPNs, and IPSs would use Cisco Security Manager.
Q. What's new in Cisco Security Manager 4.1?
A. Cisco Security Manager 4.1 provides several enhancements. Major new features in this release include:

1. Native firewall, IPS, and VPN report functionality for better visibility

2. Simplified Extranet VPN configuration

3. Integrated troubleshooting tools such as Packet Capture and Traceroute for advanced troubleshooting needs

4. Mechanisms to export policies from one CSM server into others, for simplified policy migration across multiple instances of CSM

5. Support for the latest ASA firewall and VPN features (ASA v8.4), including EtherChannel, IKEv2, and Kerberos Constrained Delegation (KCD)

6. Support for Windows 2008 R2

A detailed list of all features is provided in the product release notes.

Q. What are the reporting capabilities of CSM 4.1?
A. The reporting functionality in CSM will enable administrators to:

1. use a set of system-defined reports to gain insights into the security aspects of Cisco firewall, IPS, and site-to-site and remote access VPN features

2. run custom reports, based on time, specific device(s), and other variables, to meet specific security needs

3. run on-demand reports to quickly identify security patterns, then export those reports to PDF or Excel formats

4. schedule reports for recurring security analysis

Q. What kind of training is available for Cisco Security Manager 4.1?
A. Visit for Cisco Security Manager 4.1 data sheets, bulletins, and deployment guides. In addition, Cisco will provide a new learning course, as well as related online videos and webinars. Customers may also participate in upcoming Cisco NetPro events. All of these training opportunities will be announced in Cisco security newsletters.
Q. What is the upgrade path for existing Cisco Security Manager customers?
A. Existing Cisco Security Manager 4.0 customers with valid software support can obtain an upgrade to Cisco Security Manager 4.1. CSM 4.0 customers can also buy minor upgrade licenses to upgrade to CSM 4.1. Customers with version 3.X will first need to upgrade to CSM 4.0 by purchasing Cisco Security Manager 4.0 upgrade licenses. There is no direct upgrade path from CSM 3.x to CSM 4.1. The upgrade procedure from CSM 3.x to CSM 4.0 is covered in the CSM 4.0 Product Bulletin.
Q. Is Cisco Security Manager 4.1 supported on VMware?
A. Yes. Cisco Security Manager 4.1 is supported on VMware ESX/ESXi Server 4.0.
Q. What support options are available for Cisco Security Manager?
A. Cisco Security Manager is eligible for technical support service coverage under Cisco SAS.
For details on Cisco SAS coverage, please visit
Cisco Software Application Support plus Upgrades (SASU) is not available for Cisco Security Manager.
Q. What options are available to evaluate Cisco Security Manager?
A. Anybody with a valid account can download Cisco Security Manager and use the software for up to 90 days in evaluation mode. Visit and select the “Download Software” link. Note: This download does not include CiscoWorks Resource Manager Essentials (RME).

There is no separate evaluation license. The product operates automatically in evaluation mode in the absence of an installed permanent license file.

Q. Where can I find a technical Q&A for Cisco Security Manager?
A. An updated version of the “FAQs and Troubleshooting Guide for Cisco Security Manager 4.x” is available at .
For specific recommendations on deploying Cisco Security Manager, download the latest deployment guide at: