Guest

Cisco Security Manager

Cisco Security Manager UCS Server Bundles Quick Start Guide

  • Viewing Options

  • PDF (499.3 KB)
  • Feedback
Cisco Security Manager UCS Server Bundles Quick Start Guide

Table Of Contents

Cisco Security Manager UCS Server Bundles Quick Start Guide

Contents

Product Description

Deployment Mode—Standard Only; No HA or DR

Steps to Get Up and Running with Cisco Security Manager

BIOS Setup, OS Tuning, and Security Manager Tuning (these were done by Cisco before shipment of the Bundle to you)

Performance Parameters

Updates and Service Packs for Windows

Patches and Service Packs for Security Manager

Usernames and Passwords

Windows Activation, Product Key, and EULA

Updates and Service Packs for the UCS Server

Cisco Security Manager License

IP Address and Hostname

Assigning an IP Address

Changing the IP Address

Changing the Hostname

Recovery Media

If You Need to Return Your Bundle to Cisco

Related Documentation

Obtaining Documentation and Submitting a Service Request


Cisco Security Manager UCS Server Bundles Quick Start Guide


First Published: August 22, 2011
Revised: February 28, 2012

Caution Your Cisco Security Manager license is provided in paper format and is packed in your shipping carton along with your new Bundle itself. Please take care that it is not inadvertently discarded or lost.


Caution Recovery media (2 CDs) are provided with your new Bundle. Please take care that they are not inadvertently discarded or lost.

Contents

Product Description

Deployment Mode—Standard Only; No HA or DR

Steps to Get Up and Running with Cisco Security Manager

BIOS Setup, OS Tuning, and Security Manager Tuning (these were done by Cisco before shipment of the Bundle to you)

Performance Parameters

Updates and Service Packs for Windows

Patches and Service Packs for Security Manager

Usernames and Passwords

Windows Activation, Product Key, and EULA

Updates and Service Packs for the UCS Server

Cisco Security Manager License

IP Address and Hostname

Recovery Media

If You Need to Return Your Bundle to Cisco

Related Documentation

Product Description

This printed copy of Cisco Security Manager UCS Server Bundles Quick Start Guide ("Quick Start Guide") is provided with shipments of Cisco Security Manager UCS Server Bundles. This "Quick Start Guide" is also available on Cisco.com at the following URL: http://www.cisco.com/en/US/products/ps6498/prod_installation_guides_list.html.

Cisco Security Manager UCS Server Bundles ("Bundle") is a software and hardware bundle that was developed by Cisco Systems, Inc., for users of Cisco Security Manager. Cisco did the following things to develop this Bundle:

1. Selected a server, the Cisco UCS C210 M2, and configured it with appropriate HDDs, RAM, and other components (this was done by Cisco before shipment of the Bundle to you).


Note Two hardware configurations are available for this Bundle. However, this "Quick Start Guide" (and all the documentation referred to in it) applies to both of the available hardware configurations. The two hardware configurations are low-end (16 GB Cisco UCS C210 M2) and high-end (24 GB Cisco UCS C210 M2).


2. Set up the BIOS on the Cisco UCS server (this was done by Cisco before shipment of the Bundle to you).

3. Installed the operating system, Microsoft Windows Server 2008 R2 Enterprise Service Pack 1 ("the OS") (this was done by Cisco before shipment of the Bundle to you).

4. Tuned the OS (this was done by Cisco before shipment of the Bundle to you).

5. Installed Common Services 3.3, which provides the framework for installation, user role definitions, and many other functions (this was done by Cisco before shipment of the Bundle to you).

6. Installed Cisco Security Manager 4.1 ("Security Manager") (this was done by Cisco before shipment of the Bundle to you).

7. Tuned Security Manager (this was done by Cisco before shipment of the Bundle to you).


The next steps—unpacking the shipping carton, obtaining an IP address, securing the Security Manager credentials, and all the rest—are to be taken by you as (1) the admin user of Security Manager and (2) the administrator of the Cisco UCS Server.

Cisco recommends that you read this "Quick Start Guide" and the other documentation that you will find packed in your shipping carton along with your new Bundle itself, especially the poster titled "Cisco UCS 200 and Cisco UCS 210 Servers."

Also, please be sure to refer to the "Related Documentation" section of this "Quick Start Guide."

Deployment Mode—Standard Only; No HA or DR

The Bundle is meant for standard deployment only: It does not provide support for high availability (HA) mode or disaster recovery (DR) mode; those modes require the installation of Veritas, which is not part of this bundle.

Steps to Get Up and Running with Cisco Security Manager


Step 1 Obtain and read the document Regulatory Compliance and Safety Information for the Cisco UCS C-Series Servers at the following URL: http://www.cisco.com/en/US/docs/unified_computing/ucs/c/regulatory/compliance/cseries_regulatory_compliance_information.html.

Step 2 Locate the document "Cisco UCS 200 and Cisco UCS 210 Servers" [poster, Cisco 78-20053-01], which is packed in your shipping carton.

Step 3 Verify that your shipping carton contains the following items:

a. the server itself,

b. the driver and utility disc,

c. the AC power cord (optional, up to two),

d. KVM console cable, and

e. Bundle accessory kit.

Step 4 Verify that the Bundle accessory kit in your shipping carton contains the following items:

a. this "Quick Start Guide" (any version)

b. the Cisco Security Manager license in paper format,

c. the Microsoft end-user license agreement in paper format,

d. the recovery media (2 CDs), and

e. the Microsoft Certificate of Authenticity (COA) label (the COA label is placed on the recovery media.

Step 5 Use the "Cisco UCS 200 and Cisco UCS 210 Servers" poster to install the server in a rack.

Step 6 Use the "Cisco UCS 200 and Cisco UCS 210 Servers" poster to connect and power-on the server in Standalone Mode.

Step 7 Do not use UCSM mode.

Step 8 Do not update the BIOS; BIOS setup was done by Cisco before shipment of the Bundle to you; see BIOS Setup, OS Tuning, and Security Manager Tuning (these were done by Cisco before shipment of the Bundle to you).

Step 9 Do not update the CIMC firmware.

Step 10 Use the default username and password to log on to the OS; see Usernames and Passwords.

Step 11 Activate Windows. For more information, see Windows Activation, Product Key, and EULA

Step 12 Assign a static IP address to the server; see Assigning an IP Address.

Step 13 (Optional) Change the hostname; see Changing the Hostname.

Step 14 Ensure that required ports are enabled and available for use by Security Manager and its associated applications on your server so that the server can communicate with clients and servers running associated applications. For detailed information, refer to "Required Services and Ports" in the "Requirements and Dependencies" chapter of the Installation Guide for Cisco Security Manager 4.1 at the following URL: http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/4.1/installation/guide/requirem.html#wpxref24624.

Step 15 Use the default username and password to log on to Cisco Security Manager; see Usernames and Passwords.

Step 16 Install the Cisco Security Manager license; see the "Updating Security Manager, Performance Monitor, and RME Licenses" section of the "Installing and Upgrading Server Applications" chapter of the Installation Guide for Cisco Security Manager 4.1 at the following URL: http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/4.1/installation/guide/inserver.html#wp1053144.


Caution Your Cisco Security Manager license is provided in paper format and is packed in your shipping carton along with your new Bundle itself. Please take care that it is not inadvertently discarded or lost.

Step 17 Refer, as needed, to the Related Documentation section of this "Quick Start Guide."

BIOS Setup, OS Tuning, and Security Manager Tuning (these were done by Cisco before shipment of the Bundle to you)

Before your new Bundle was shipped to you, Cisco set up the BIOS on the server, installed and tuned the operating system, and installed and tuned Security Manager.

BIOS settings done in the Cisco UCS server (these were done by Cisco before shipment of the Bundle to you):

Intel Hyper-Threading Technology enabled.

Virtualization disabled.

Mass Storage Controllers Configuration selected.

RAID configuration (this was done by Cisco before shipment of the Bundle to you):

For the low-end hardware configuration (16 GB Cisco UCS C210 M2), onboard SATA Controller enabled.

Also for the low-end hardware configuration (16 GB Cisco UCS C210 M2), SATA Mode set to SW RAID.

For the high-end hardware configuration (24 GB Cisco UCS C210 M2), hardware RAID controller configured, with RAID 5 set up.

OS tuning and changes done in the Cisco UCS server (these were done by Cisco before shipment of the Bundle to you):

Disk cache policy configured.

Virtual memory configured.

Windows firewall disabled.

Current Windows updates installed.

Windows Update settings set to "Check for updates but let me choose whether to download and install them."


Tip Windows firewall is disabled by default. If you want to enable Windows firewall, follow these steps:

a. Open Server Manager. (To open Server Manager, right-click Computer and click Manage. Or, select Start > Programs > Administrative Tools > Server Manager.)

b. Under "Security Information," click Go to Windows Firewall.

c. Under "Overview," click Windows Firewall Properties.

d. Under "State," change "Firewall State" to "On."


Cisco Security Manager tuning done (this was done by Cisco before shipment of the Bundle to you):

For the low-end hardware configuration (16 GB Cisco UCS C210 M2), E:\Program Files\CSCOpx used for installation.

For the high-end hardware configuration (24 GB Cisco UCS C210 M2), D:\Program Files\CSCOpx used for installation.

Default usernames and passwords established.

Performance Parameters

Your new Bundle was tuned for specific performance parameters:

The low-end hardware configuration (16 GB Cisco UCS C210 M2) provides support for 50 devices. This configuration is suitable for a small enterprise deployment. The maximum number (cumulative) of events per second supported is 5000 events per second [this value is a 9:1 ratio of syslogs to IPS SDEE (i.e., 4500 syslog + 500 SDEE)].


Note Cisco does not recommend (1) attempting to expand the capabilities of the low-end hardware configuration (16 GB Cisco UCS C210 M2) by adding licenses or hardware or (2) otherwise attempting to change the license configuration or hardware or both; the Bundle was tested as shipped.


The high-end hardware configuration (24 GB Cisco UCS C210 M2) provides support for 150 devices. This configuration is suitable for a medium enterprise deployment. The maximum number (cumulative) of events per second supported is 10,000 events per second [this value is a 9:1 ratio of syslogs to IPS SDEE (i.e., 9000 syslog + 1000 SDEE)].


Note Cisco does not recommend (1) attempting to expand the capabilities of the high-end hardware configuration (24 GB Cisco UCS C210 M2) by adding licenses or hardware or (2) otherwise attempting to change the license configuration or hardware or both; the Bundle was tested as shipped.


Updates and Service Packs for Windows

Your new Bundle was shipped to you with current Windows updates installed.

Also, Windows Update was set to "Check for updates but let me choose whether to download and install them."


Tip To change the Windows Update setting, select Control Panel > System and Security > Windows Update > Let me Choose My Settings.


As the administrator of the Cisco UCS Server which forms part of this Bundle, you are responsible for the necessary updates and service packs for Windows. Cisco does not provide Windows updates or service packs.

Patches and Service Packs for Security Manager

Your new Bundle was shipped to you with current Cisco Security Manager patches and service packs installed.

As the admin user of Security Manager installed on this Bundle, you are responsible for the necessary patches and service packs for Security Manager. Cisco does not install them for you or notify you.

Usernames and Passwords

Windows:

Default Windows username/password: Administrator/cisco@123

To change the Windows username/password: Follow the procedures published by Microsoft for Windows Server 2008.

Security Manager admin:

Default Security Manager admin username/password: admin/admin

To change the Security Manager admin username/password: In Security Manager, select Tools > Security Manager Administration > Server Security, then click Local User Setup.

Security Manager casuser:

Default casuser username/password: casuser/[Note: password is generated by Security Manager during installation]

To reset the casuser password, follow the procedure for resetCasuser.exe in the Installation Guide for Cisco Security Manager 4.1 at http://www.cisco.com/en/US/products/ps6498/prod_installation_guides_list.html.

Windows Activation, Product Key, and EULA

Activation of the OS (Microsoft Windows Server 2008 R2 Enterprise Service Pack 1) must be done by you before the activation period expires. To activate the OS, use the Microsoft Certificate of Authenticity (COA) label; the COA label is placed on the recovery media provided with your new Bundle. For more information on activating the OS, refer to "Product Activation," published by Microsoft at the following URL: http://www.microsoft.com/windowsserver2008/en/us/product-activation.aspx.

You can view your product key by using normal Microsoft procedures: On the Control Panel, select System and refer to the information under "Windows Activation."

To activate the OS, use the Physical Key. Do not use the Virtual Key. Refer to the following illustration.

The Windows EULA (end user license agreement) is described in a printed document that you will find packed in your shipping carton.

Updates and Service Packs for the UCS Server

Cisco periodically releases updates and service packs for its UCS servers. As the administrator of the Cisco UCS Server which forms part of this Bundle, you are responsible for the necessary updates and service packs, which you can obtain by visiting http://www.cisco.com/go/ucs. The direct links are as follows:

Cisco UCS C210 M2 General-Purpose Rack-Mount Server: http://www.cisco.com/cisco/software/type.html?mdfid=283001983&catid=282558030

Cisco UCS C210 M2 Rack-Mount Server Software: http://www.cisco.com/cisco/software/type.html?mdfid=283862069&catid=282558030

Cisco Security Manager License


Caution Your Cisco Security Manager license is provided in paper format and is packed in your shipping carton along with your new Bundle itself. Please take care that it is not inadvertently discarded or lost.

This Bundle includes the following license support:

The low-end hardware configuration (16 GB Cisco UCS C210 M2) provides support for 50 devices.


Note Cisco does not recommend (1) attempting to expand the capabilities of the low-end hardware configuration (16 GB Cisco UCS C210 M2) by adding licenses or (2) otherwise attempting to change the license configuration; the Bundle was tested as shipped.


The high-end hardware configuration (24 GB Cisco UCS C210 M2) provides support for 150 devices.


Note Cisco does not recommend (1) attempting to expand the capabilities of the high-end hardware configuration (24 GB Cisco UCS C210 M2) by adding licenses or (2) otherwise attempting to change the license configuration; the Bundle was tested as shipped.



Note Evaluation licenses are not available for this Bundle.


IP Address and Hostname

Assigning an IP Address

During deployment of your new Bundle at your site, you must assign the server a static IP address. (Security Manager requires one IP address. It must be a static IP address; dynamic IP addresses are not supported.)

To assign the server a static IP address, first obtain a static IP address from your network administrator and then follow the procedures for IP address assignment published by Microsoft for Windows Server 2008.

Changing the IP Address

To change the IP address of your server, follow the procedures for IP address assignment published by Microsoft for Windows Server 2008, as you did when first assigning an IP address.

After changing the IP address of your server, you must restart the Security Manager Daemon Manager by executing the following commands in a command window:

net stop crmdmgtd

net start crmdmgtd

For more information on changing the IP address, refer to "Diagnosing Problems With CiscoWorks Server" (Chapter 10) in User Guide for CiscoWorks Common Services 3.3 at http://www.cisco.com/en/US/partner/docs/net_mgmt/ciscoworks_common_services_software/3.3/user/guide/diagnos.html.

Changing the Hostname

To change the hostname of your new Bundle, take the steps listed in the following procedure.


Caution If the hostname of the machine changes, the stability of the system is not guaranteed and it fails in some cases.

Procedure


Step 1 Change the hostname in the OS:

a. Right-click Computer and select Properties. Or, open Control Panel and select System.

b. Under "Computer name, domain, and workgroup settings," click Change settings.

c. Click Change to change the hostname.

d. Restart the computer.

Step 2 Stop the Security Manager Daemon Manager by executing the following command in a command window:

net stop crmdmgtd

Step 3 Execute the CiscoWorks server hostname change script by executing the following command in a command window:

NMSROOT\bin\perl NMSROOT\bin\hostnamechange.pl

In this command, NMSROOT is the path to the Security Manager installation directory. For the low-end hardware configuration (16 GB Cisco UCS C210 M2), the default installation directory is E:\Program Files\CSCOpx. For the high-end hardware configuration (24 GB Cisco UCS C210 M2), the default installation directory is D:\Program Files\CSCOpx.


Tip hostnamechange.pl is a utility that updates the hostname changes in Common Services-related directories, files, database entries, and registry entries after the hostname is changed in the OS. For a detailed list of the changes made by hostnamechange.pl, refer to "Using CiscoWorks Server Hostname Change Scripts" in User Guide for CiscoWorks Common Services 3.3 at http://www.cisco.com/en/US/partner/docs/net_mgmt/ciscoworks_common_services_software/3.3/user/guide/admin.html#wpmkr695557.


Step 4 Restart the computer.


Note In this step, you must restart the computer. Restarting the Security Manager Daemon Manager is not sufficient.



Recovery Media


Caution Recovery media (2 CDs) are provided with your new Bundle. Please take care that they are not inadvertently discarded or lost.

If disk corruption or other hardware failure occurs, you can use the recovery media provided with your new Bundle to restore the OS and Security Manager. Take the steps listed in the following procedure:

Procedure


Step 1 Resolve the hardware problem.

Step 2 Locate the recovery media that are provided with your new Bundle. Two CDs are provided:

CD1: OS installation CD

CD2: Security Manager installation CD


Note There is no recovery partition.


Step 3 Install the OS.

Step 4 Ensure that BIOS setup and OS tuning is done as described in BIOS Setup, OS Tuning, and Security Manager Tuning (these were done by Cisco before shipment of the Bundle to you)

Step 5 Install Security Manager as described in Installation Guide for Cisco Security Manager 4.1 at http://www.cisco.com/en/US/products/ps6498/prod_installation_guides_list.html.


If You Need to Return Your Bundle to Cisco

If you need to return your Bundle to Cisco because of hardware failure or some other reason that requires you to request an RMA, please note the following:

When returning your Bundle to Cisco, be sure to include everything that was shipped to you. In particular, please be sure to return the recovery media; the Microsoft Certificate of Authenticity (COA) label is placed on the recovery media sleeve and must be returned.

Related Documentation

The following documentation is for the Software (Cisco Security Manager 4.1) in this Bundle:

"Guide to User Documentation for Cisco Security Manager 4.1" (the "documentation roadmap"): http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/4.1/roadmap/CSM41Map.html

Main page for Cisco Security Manager on Cisco.com: http://www.cisco.com/go/csmanager

Chapter 1 (the "Getting Started" chapter) of User Guide for Cisco Security Manager 4.1: http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/4.1/user/guide/wfplan.html

User Guide for CiscoWorks Common Services 3.3: http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_common_services_software/3.3/user/guide/cs_33_ug.html. (Common Services 3.3 provides the framework for installation, user role definitions, and many other functions.)

The following documentation is for the Hardware (Cisco UCS C-Series Rack-Mount Servers) in this Bundle:

"Cisco UCS 200 and Cisco UCS 210 Servers" [poster, Cisco 78-20053-01], which is packed in your shipping carton along with your new Bundle itself

"Cisco UCS C-Series Servers Documentation Roadmap" describes the user documentation available for Cisco Unified Computing System (UCS) rack mount servers: http://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_rack_roadmap.html

"Unified Computing and Servers" main page on Cisco.com: http://www.cisco.com/go/ucs

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as an RSS feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service. Cisco currently supports RSS Version 2.0.


This document is to be used in conjunction with the documents listed in the "Related Documentation" section.