Release Notes for Cisco IP Solution Center, 3.0
May 29, 2007
Note
All documentation, including this Release Notes for Cisco IP Solution Center, 3.0 document and any or all of the parts of the Release 3.0 documentation set, may be upgraded.
The Cisco IP Solution Center software is referred to as ISC.
The information in this Release Notes for Cisco IP Solution Center, 3.0 document gives you an overview of this release and helps you understand it at a high level. Please read this document prior to reading any other manual for ISC.
All ISC patches are available at: http://www.cisco.com/cgi-bin/tablebuild.pl/isc (where in tablebuild.pl, the last character is the lower-case letter "l").
Note
To use Netscape 7.0, please e-mail isc-crypto-info with the Subject line: Netscape7.0 to get a fix to a problem that was found late in the release cycle. You will receive a fix to allow you to use Netscape 7.0.
Note
For information about downloading the Crypto package, please send an e-mail to isc-crypto-info@cisco.com with the Subject line: Crypto Package.
Note
To download and upload configuration files to and from the VPN 3000 concentrator, the only supported mechanism is SSH.
Note
If one or more users is logged into a VPN 3000 concentrator through a web interface or through telnet, ISC cannot download to the VPN 3000. Prior to deploying a service request in ISC for a VPN 3000, you need to log out of all active sessions to this VPN 3000.
Contents
The information in this release note is organized into the following sections:
• Documentation Road Map for Cisco IP Solution Center
• What Is New in Release 3.0 of ISC
• Known Problems in Cisco IP Solution Center, Release 3.0
• Obtaining Technical Assistance
• Obtaining Additional Publications and Information
Introduction
Cisco IP Solution Center (ISC), 3.0 is a follow-on release to Cisco VPN Solutions Center (VPNSC), 2.2.
This product extends the feature set for Multi Protocol Label Switching (MPLS) and Internet Protocol Security (IPsec) Virtual Private Networks (VPNs) from VPNSC, 2.2. ISC uses a new web-based GUI to improve usability and a new architecture to improve performance. The two solutions in VPNSC are now called MPLS VPN Management and Security Management, respectively, and as in VPNSC are distributed on the same product CD. Security Management is a combination of IPsec, the new Firewall feature, and the new Network Address Translation (NAT), all of which are individually licensed. The types of IPsec are all licensed as one: IPsec Site-to-Site; IPsec Remote Access; and IPsec to MPLS Mapping. These solutions all continue to provide features such as provisioning, auditing, and service level agreement (SLA) monitoring. These solutions provide network and service management for service providers. They allow service providers to seamlessly provision and manage intranet and extranet VPNs. The MPLS VPN Management and Security Management focus on provisioning, auditing, and monitoring the links between a customer's edge routers through the service provider's network.
This product introduces Layer 2 VPN (L2VPN) Management and access edge Quality of Service (QoS). L2VPN Management and QoS are also distributed on this one product CD and are licensed separately.
For more details, please see the "What Is New in Release 3.0 of ISC" section.
Materials
When you order the IP Solution Center product, you receive the following:
• Cisco IP Solution Center, 3.0 product CD-ROM
• Documentation CD-ROMs
• A minimum of three Right to Use (RTU) documents, each of which contains a license key
• The Documentation Guide for IP Solution Center, 3.0 (Part Number: 78-15765) is printed and distributed with all services.
The Documentation Guide for IP Solution Center, 3.0 and the other documents in the documentation set are available on CCO as follows. These documents are also available on the Documentation CD-ROM.
• Documentation Guide for Cisco IP Solution Center, 3.0 (Part Number: 78-15765) http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/docguide
• This document - Release Notes for Cisco IP Solution Center, 3.0 (Part Number: OL-4340) http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/relnotes
• Cisco IP Solution Center Installation Guide, 3.0 (Part Number: OL-4341) http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/install
• Cisco IP Solution Center Infrastructure Reference, 3.0 (Part Number: OL-4342) http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/infrastr
• Cisco IP Solution Center, 3.0: L2VPN Management User Guide, 3.0 (Part Number: OL-4343) http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/l2vpn
• Cisco IP Solution Center, 3.0: MPLS VPN Management User Guide, 3.0 (Part Number: OL-4344) http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/mpls
Note
Prior to this release, the base for this service was Cisco VPN Solutions Center (VPNSC): MPLS Solution, 2.2, also known as the MPLS VPN Solution, 2.2.
• Cisco IP Solution Center, 3.0: Quality of Service Management User Guide, 3.0 (Part Number: OL-4345) http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/qos
• Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0 (Part Number: OL-4346) http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/secmgmt
Note
Prior to this release, the base for this service was Cisco VPN Solutions Center (VPNSC): IPsec Solution, 2.2, also known as the IPsec VPN Solution, 2.2.
API information is available in ISC_NBI_Distribution.zip. The APIs are licensed individually. To access this zip file, use one of the following paths:
1. ftp ftpeng.cisco.com
2. For the Name, enter anonymous
3. Follow the instructions to enter the Password.
4. bin
Note
For security purposes, ls and dir do not work. Therefore, type commands exactly as specified, including the case.
5. cd /isc
6. get ISC30GAdoc.zip
or
1. In a browser, enter: ftp://ftpeng.cisco.com/isc/ISC30GAdoc.zip
Note
All documentation may be upgraded.
Documentation Road Map for Cisco IP Solution Center
This section describes documentation resources to help you find information about the Cisco IP Solution Center (ISC). The ISC Documentation Home is: http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/index.htm.
Note
All documentation, printed and on CCO, may be upgraded.
We recommend you refer to the documentation in the following order. These are the documents that are common to all the services. All these documents are available on the Cisco Documentation CD-ROM, on CCO, and on the World Wide Web.
1. Documentation Guide for Cisco IP Solution Center, 3.0 (Part Number: 78-15765). The printed version of this document is shipped with the product. (http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/docguide)
The contents of this document are:
– Product Documentation Set - URLs for all the documentation in this documentation set.
– Obtaining Documentation
– Obtaining Technical Assistance
– Obtaining Additional Publications and Information
2. Release Notes for Cisco IP Solution Center, 3.0 (Part Number: OL-4340) (http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/relnotes)
The contents of this document are:
– Introduction
– Materials
– Documentation Road Map for Cisco IP Solution Center
– What Is New in Release 3.0 of ISC
– System Recommendations
– Known Problems in Cisco IP Solution Center, Release 3.0
– Obtaining Documentation
– Obtaining Technical Assistance
– Obtaining Additional Publications and Information
3. Cisco IP Solution Center Installation Guide, 3.0 (Part Number: OL-4341) (http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/install).
The contents of this document are:
– System Recommendations
– Installing and Logging Into ISC
– Setting Up Oracle for ISC
– Setting Up Cisco CNS IE2100 Appliances Running Cisco CNS Configuration Engine 1.3 Software with ISC
4. Cisco IP Solution Center Infrastructure Reference, 3.0 (Part Number: OL-4342) (http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/infrastr).
The contents of this document are:
– Getting Started
– WatchDog Commands
– Structural Overview
– Service Inventory > Inventory and Connection Manager
– Service Inventory > Deployment Flow Manager and Service Inventory > Device Console
– Service Design
– Monitoring
– Administration
– CNS IE2100 Devices
– Glossary
The following documents are listed alphabetically. They are specific to services for which you purchase licenses. All these documents are available on the Cisco Documentation CD-ROM, on CCO, and on the World Wide Web.
• Cisco IP Solution Center, 3.0: L2VPN Management User Guide, 3.0 (Part number: OL-4343) (http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/l2vpn).
The contents of this document are:
– Introducing L2VPN Technology
– Setting Up the ISC Service
– Creating an L2VPN Policy
– Managing an L2VPN Service Request
• Cisco IP Solution Center, 3.0: MPLS VPN Management User Guide, 3.0 (Part number: OL-4344) (http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/mpls).
The contents of this document are:
– About Cisco IP Solution Center
– Setting Up the Network for ISC
– Discovering the Network
– Defining MPLS VPN Service Policies
– Managing MPLS VPN Service Requests
– Mapping IPsec to MPLS VPN
– The ISC Management Network
– Provisioning MPLS VPN Cable Services
– Service Request States
• Cisco IP Solution Center, 3.0: Quality of Service Management User Guide, 3.0 (Part number: OL-4345) (http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/qos).
The contents of this document are:
– Quality of Service Concepts
– QoS Network Architecture
– QoS Service Model Overview
– Prerequisites and Assumptions
– QoS GUI Work Flow (or QoS GUI Process)
– QoS Policy Parameters
– Applying QoS Policies to ISC Services
– Auditing and Reports
– Sample Configurations
• Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0 (Part number: OL-4346) (http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/3_0/secmgmt).
The contents of this document are:
– ISC Security Concepts
– Preparing for Security Provisioning
– Site-to-Site VPN Services
– Remote Access VPN Services
– NAT Services
– Firewall Services
– Provisioning Services
– Updating and Modifying Pre-shared Keys
If you are using the APIs, the API information is available in ISC_NBI_Distribution.zip. The APIs are licensed individually. To access this zip file, use one of the following paths:
1. ftp ftpeng.cisco.com
2. For the Name, enter anonymous
3. Follow the instructions to enter the Password.
4. bin
Note
For security purposes, ls and dir do not work. Therefore, type commands exactly as specified, including the case.
5. cd /isc
6. get ISC30GAdoc.zip
or
1. In a browser, enter: ftp://ftpeng.cisco.com/isc/ISC30GAdoc.zip
What Is New in Release 3.0 of ISC
The following topics (listed alphabetically) are new or the implementation was changed dramatically from VPNSC Release 2.2 to this ISC Release 3.0. Additionally, bug fixes are included in this release.
• Advanced Encryption Standard (AES)
• APIs
• Cisco CNS IE2100—All Device Communications Supported
• Cisco CNS IE2100—CNS Identifier Other Than the Device Hostname Supported
• Cisco CNS IE2100—Multiple CNS IE2100 Appliances Supported
• Device Configuration Service (DCS) Replaces Telnet Gateway System (TGS)
• Dynamic Component Properties Library (DCPL) Replaces csm.properties
• Dynamic Crypto Map for Cisco IOS and PIX
• Enhanced Interior Gateway Routing Protocol (EIGRP) Between CE - PE
• Firewall Management (Cisco IOS and PIX)
• Graphical User Interface (GUI) is Web-based
• Installation Revised to a Java Installation Package
• IPsec Features Porting from VPNSC 2.x
• Layer 2 VPN (L2VPN) Management
• Logging Service, Server and Task
• MPLS Features Porting from VPNSC 2.x
• MPLS VPN Management Schema Changes
• NAT Management (Cisco IOS and PIX)
• Network-based IPsec VPN: Mapping IPsec into MPLS VPN
• Remote Access IPsec for Cisco IOS and PIX
• Security Management Enhancements
• Service Level Agreement (SLA) Configuration and Collection Task
Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES) is a new addition to the list of encryption transforms for IPsec and Internet Key Exchange (IKE). In addition to 3DES and DES, which in VPNSC were the supported encryption transforms for IPsec, and encryption algorithms for IKE, ISC 3.0 also supports AES. AES is stronger than DES and more efficient than 3DES. AES can be configured for 128, 196, and 256 bit modes and is supported in Cisco IOS, PIX, and VPN 3000.
APIs
See the "Northbound APIs" section.
Architecture New for ISC 3.0
The new four-tier architecture provides the modular framework for implementation of the scalable system. The four tiers are:
Client Tier
Unlike previous VPNSC releases, this release has a web-based graphical user interface (GUI). The Client Tier consists of the user web browsers or client applications accessing ISC through the API. Customers do not have to use ISC through the GUI. The software can be driven fully through its northbound API.
Interface Tier
The Interface Tier consists of J2EE web servers that are responsible for interfacing with the ISC users. Each web server contains a servlet engine and each web server is installed on a separate physical machine. The number of web servers needed depends on the number of concurrent users the system needs to support.
When more than one web server is needed, a server load balancer can be used to direct traffic to the correct web server such that all the web servers together form a web farm. We do NOT recommend using the Domain Naming Service (DNS) to do round-robin address assignment, because it has some serious shortfalls: DNS caching makes real load balancing difficult; DNS update speed makes dynamic adding and removing of servers to the web farm difficult if not impossible; DNS load balance cannot be based on server load, traffic type, and session information.
We recommend using one of several excellent traffic load balancer appliances on the market. Typically a virtual IP address represents the whole web farm. The traffic load balancer then manipulates the IP packet's source and destination addresses to direct traffic according to the policy configured in the load balancer.
Note
The Cisco CSS-11000 is a load balancer.
Control Tier
The Control Tier consists of the ISC repository (relational database) and the task scheduler. Other components include the master watchdog and system logger. At this time, there is only one Control Tier machine and it is called the master machine. The master machine is the nerve center of the whole infrastructure.
As in previous VPNSC releases, there are four repositories for ISC 3.0: Device Repository (previously called Directory Repository); Service Model Repository (previously called VPN Inventory Repository); Collection Repository; and Task Repository.
The database used previously in VPNSC has been replaced, which improves scalability and addresses bottlenecks. The system is coded against the JDBC API and currently supports Oracle Version 8.1.7 and later with US7ASCII, and Sybase ASA Version 8.
Distribution Tier
The Distribution Tier consists of the processing servers and collection servers. The processing servers execute tasks such as provisioning, auditing, SLA data collection, and so on. The collection servers are responsible for interacting with the network devices and each collection server owns a set of network devices. For example, configuration upload/download to a Cisco router is through its collection server.
Either the Processing Server or Collection Server can be installed and run on separate machines. ISC 3.0 has a distributed infrastructure that monitors and manages the processing servers and the collection servers.
Auto Discovery
Auto Discovery is new in ISC 3.0. There are two components: Physical Discovery and Service Discovery.
Physical Discovery discovers elements in your existing network (not the core) and the connections. In your existing network, you can discover devices and the physical connections, while providing seed devices and the number of hops you want to reach.
Service Discovery discovers the existing MPLS and L2VPN service requests in your network.
Browser Support
ISC 3.0 can be run on Internet Explorer Version 6.0 or later or Netscape 7.0 or later.
Catalyst OS (CAT OS)
VPNSC only supported PEs and CEs. In VPNSC, the PE and CE were directly connected. ISC 3.0 now supports Catalyst switches between the PE and CE. Each link can contain a list of PtToPtLinks when there are multiple switches between a CE and a PE that need to be provisioned by ISC as well.
Cisco CNS IE2100—All Device Communications Supported
In addition to integrating with Cisco CNS IE2100 for router configuration upload and download, as provided in VPNSC 2.2, in ISC 3.0 all device communications with Cisco CNS IE2100 are integrated. This includes: uploading a configuration file from a device; downloading a configlet to a device; executing a command on a device; and obtaining the result.
Cisco CNS IE2100—CNS Identifier Other Than the Device Hostname Supported
ISC 3.0 supports a CNS identifier other than the device hostname for the Cisco IOS devices using the Cisco CNS IE2100. This unique identifier is used to create the Cisco IOS device in the corresponding Cisco CNS IE2100 repository and for all Tibco event communications pertaining to this device. Any CNS identifier is valid. You can use the chassis serial number or any other identifier of your choosing.
Cisco CNS IE2100—Multiple CNS IE2100 Appliances Supported
ISC 3.0 supports multiple Cisco CNS IE2100 appliances, which are stored in the ISC repository. Each Cisco CNS IE2100 could potentially serve any Cisco IOS device. Each device using Cisco CNS IE2100-related features must be associated with a Cisco CNS IE2100 appliance through the GUI.
Control Center
Within the GUI is a new Control Center feature to manage the environment. Through the Control Center, you can monitor and configure all remote hosts in the ISC distributed environment, as follows:
• View and set any configuration of any server on any host
• View any server log on any host
• Assign a Collection Server to a collection domain, and remove it from one
• Add a Processing Server to the system, and remove one from it
• Start, stop, and restart any server on any host
• View the existence of any Master Server, Processing Server, Collection Server, and Interface Server
• View the machine statistics (server data, location of files, disk statistics, and collection zones) of a Master Server, Processing Server, Collection Server, or Interface Server
• View the collection zones assigned to each server
• View license information and install license keys
Database Change
ISC 3.0 uses a standard off-the-shelf relational database management system (RDBMS). With the use of the RDBMS, ISC 3.0 is more scalable and more reliable and gives better performance than the VPNSC releases.
Sybase ASA, Version 8 is bundled with this release. Oracle 8.1.7 and later with US7ASCII are also supported.
Device Configuration Service (DCS) Replaces Telnet Gateway System (TGS)
The Device Configuration Service (DCS) replaces the Telnet Gateway System (TGS).
• The large memory footprint previously required by the CORBA API and server is no longer needed.
• Large resources are no longer needed to connect to each router as a separate process.
• Performance is improved in terms of execution and communication with the rest of the system because the EXPECT script is no longer used.
Device Console
Device Console enables you to do the following functions to one or more devices:
• download commands
• issue EXEC commands
• reload devices
• download a template configlet
• manage a device configuration in the repository
Distributed Architecture
See the "Architecture New for ISC 3.0" section.
Dynamic Component Properties Library (DCPL) Replaces csm.properties
With the Dynamic Component Properties Library (DCPL) in ISC, instead of the csm.properties file in VPNSC, the following advantages are in place:
• You no longer need to restart a component that takes a new value.
• Fine-grained control of the debug level is available on a component/subcomponent basis.
• You can specify a value type and range to check for correctness.
Note
There are fewer DCPL properties than csm.properties.
Note
The settings in csm.properties in VPNSC are not migrated to ISC 3.0. Settings need to be set in DCPL.
Dynamic Crypto Map for Cisco IOS and PIX
ISC 3.0 supports provisioning of dynamic crypto maps, which is critical for scenarios where some VPN nodes have a dynamically assigned IP address, such as DHCP or Point-to-Point Protocol over Ethernet (PPPoE). For example, if the spoke routers in a hub-and-spoke IPsec VPN have dynamically assigned IP addresses, the hub router must be provisioned with a dynamic crypto map because the IP address of the spokes will not be known to the hub. Furthermore, if there is a mix of spokes, some with dynamic and some with static IP addresses, then there is a user-configurable service request attribute to indicate whether dynamic crypto map should be used for all spokes, or a mixture of dynamic and static crypto maps. This feature in conjunction with the Cisco CNS IE2100 integration in ISC, enables ISC 3.0 to provide a complete management solution for the dynamic IP address devices.
Enhanced Interior Gateway Routing Protocol (EIGRP) Between CE - PE
Enhanced Interior Gateway Routing Protocol (EIGRP) is available for MPLS between CE and PE devices. The PE router must be running Cisco IOS Version 12.0(22)S or later or 12.2(15)T and later.
Firewall Management (Cisco IOS and PIX)
New in ISC 3.0 is policy-based Firewall management. The firewall policy contains a set of access rules, inspect rules, URL filtering rules, authentication proxy, and syslog attributes. The policy rule sets support the notion of network objects, which are variables used in the policy, and defined independently for each customer, site, or device. Firewall policy also supports a hierarchical model where a given policy inherits some behavior from its parent policy. The policy rules are device-independent and are translated to device-specific commands at the time the policy is applied to the devices. A firewall service request is used to apply a policy to a list of devices.
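The following Python is an added illustration of the model the paragraph describes, not ISC code: the Rule and Policy classes, the inheritance convention (a child's own rules are evaluated before the inherited ones, and a child's object definitions override its parent's) and the simplified rendering into IOS extended access-list lines are all assumptions made for the example. It shows rules that reference network objects instead of addresses, a site policy inheriting from a corporate policy, and translation to device-specific commands only at the point the policy is applied to a device, with an undefined object refused rather than silently widened.

```python
from dataclasses import dataclass, field
from ipaddress import ip_network
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Rule:
    """One device-independent access rule. src and dst name network objects
    (variables) rather than addresses; 'any' is a reserved name."""
    action: str                 # "permit" or "deny"
    proto: str                  # "ip", "tcp", "udp", ...
    src: str
    dst: str
    port: Optional[int] = None  # destination port for tcp/udp rules


@dataclass
class Policy:
    """A policy inherits rules and object defaults from its parent (assumed
    convention: own rules first, then inherited; own objects override)."""
    name: str
    rules: List[Rule] = field(default_factory=list)
    objects: Dict[str, str] = field(default_factory=dict)
    parent: Optional["Policy"] = None

    def effective_rules(self) -> List[Rule]:
        inherited = self.parent.effective_rules() if self.parent else []
        return list(self.rules) + inherited

    def effective_objects(self) -> Dict[str, str]:
        merged = self.parent.effective_objects() if self.parent else {}
        merged.update(self.objects)
        return merged


def _address(value: str) -> str:
    """Render an object value in IOS extended-ACL address syntax: a single
    host as 'host A.B.C.D', a subnet as 'network wildcard-mask'."""
    if value == "any":
        return "any"
    net = ip_network(value, strict=False)
    if net.num_addresses == 1:
        return f"host {net.network_address}"
    return f"{net.network_address} {net.hostmask}"


def render_ios_acl(policy: Policy, device_objects: Dict[str, str], acl: int = 101) -> List[str]:
    """Translate the policy's rules into access-list lines for one device.
    Object values come from the policy chain, overridden per device."""
    objects = policy.effective_objects()
    objects.update(device_objects)

    def resolve(name: str) -> str:
        if name == "any":
            return "any"
        if name not in objects:
            # Refuse to deploy rather than emit a rule with a hole in it.
            raise KeyError(f"network object {name!r} is undefined for this device")
        return objects[name]

    lines = []
    for r in policy.effective_rules():
        line = (f"access-list {acl} {r.action} {r.proto} "
                f"{_address(resolve(r.src))} {_address(resolve(r.dst))}")
        if r.port is not None:
            line += f" eq {r.port}"
        lines.append(line)
    return lines


# Constructed sample: a corporate base policy and one site's child policy.
CORPORATE = Policy(
    name="corporate",
    rules=[Rule("permit", "tcp", "INSIDE", "WEB", 80),
           Rule("deny", "ip", "any", "any")],
    objects={"WEB": "192.0.2.10/32"},
)
SITE_A = Policy(
    name="site-a",
    rules=[Rule("permit", "tcp", "INSIDE", "MAIL", 25)],
    objects={"MAIL": "192.0.2.25/32"},
    parent=CORPORATE,
)


def site_a_acl() -> List[str]:
    """INSIDE is defined only on the device, so the same policy renders differently per site."""
    return render_ios_acl(SITE_A, {"INSIDE": "10.1.0.0/24"})


def undefined_object_is_rejected() -> bool:
    """Applying the policy to a device that never defined INSIDE must fail."""
    try:
        render_ios_acl(SITE_A, {})
    except KeyError:
        return True
    return False


if __name__ == "__main__":
    print("\n".join(site_a_acl()))
```

The deny-all rule inherited from the corporate policy lands last, so a site can only add permits in front of it, not remove it; that is the property a hierarchical policy is meant to give an operator.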
Graphical User Interface (GUI) is Web-based
The Graphical User Interface (GUI) is now web-based (HTML). See the "Browser Support" section.
Installation Revised to a Java Installation Package
A new Java Installation Package is used for ISC 3.0. This simplifies the installation from the script-based installation used in VPNSC 2.x.
With the new distributed environment, there are different ways to package the software and each of these can have the option of different management services (L2VPN Management, MPLS VPN Management, QoS Management, and Security Management):
• master machine installation
• interface tier machine installation
• processing server installation
• collection server installation
IPsec Features Porting from VPNSC 2.x
All VPNSC 2.x IPsec provisioning and auditing features are available in ISC 3.0; however, they now use a new, lightweight, data-driven provisioning engine. This data-driven engine can easily be extended to support new commands, which has made it possible for ISC 3.0 to support the latest security features, such as Dynamic Multipoint Virtual Private Network (DMVPN) and VRF-aware IPsec. The new provisioning engine also supports multiple platforms, such as Cisco IOS and PIX.
In VPNSC 2.x, the IPsec service model concentrated around IPsec tunnels, and thus creation or deployment of large service requests was time-consuming because each IPsec tunnel was represented in the repository. The new 3.0 IPsec service model was simplified to calculate the tunnels on the spot as needed.
IPsec Functional Audit
ISC 3.0 now supports functional auditing of IPsec service requests. This can be used after the service request has already been deployed. Functional auditing involves performing a PING operation among all the nodes of the IPsec VPN to ensure the tunnels are up and the VPN connectivity is there.
Layer 2 Access to MPLS VPNs
Multiple Layer 2 (L2) switches can exist between the CE and the PE to connect these two layer 3 (L3) devices in a CE-PE link. Provisioning of the L2 devices (Ethernet) that are Cisco IOS enabled is supported in this release.
Layer 2 VPN (L2VPN) Management
Layer 2 VPN (L2VPN) Management is new to ISC.
An L2VPN policy describes what you need to enter and what attributes are taken from the policy to be enforced across the service. An L2VPN service request is available to apply the policy to a set of devices through a set of EndToEndWire, which is an end-to-end layer 2 tunnel between two customer CPEs through the service provider's core network, between two PEs.
Licensing
The ISC 3.0 licensing scheme supports the following. Note that at a minimum you must enter one Application License, an Activation License, and a VPN License.
• Application Licenses, as follows:
– Firewall
– IPsec
– L2VPN Management
– MPLS VPN Management
– NAT
– QoS
• API Licenses, as follows:
– API-L2VPN
– API-MPLS
– API-Security
• Activation License (activates and sets the maximum global count of the services)
• VPN License (activates and sets the maximum number of VPNs)
Logging Service, Server and Task
In ISC 3.0, a general logging facility is used by all components, unlike in VPNSC 2.2, where each component outputs message and logging information in its own format. The new logging facility is based on the JDK 1.4 logger and integrated with DCPL to allow dynamic changing of the log level during runtime without the need to restart the components.
The server log viewer is provided by the ISC Control Center to view server logging output and status. The task log viewer should be part of the task management GUI.
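The block below is an added example, not ISC code, and serves both the DCPL description earlier (no restart on a new value, per-component/subcomponent debug level, type and range checking) and the logging facility described here. Python's logging module follows the same JDK 1.4 logger model the page names, so it is a faithful stand-in: a subcomponent logger (isc.provisioning.ipsec) inherits the level of its component (isc.provisioning), and a DCPL-like property registry (a hypothetical class written for this example, with made-up property and component names) validates a new level against an allowed range and applies it at runtime.

```python
import logging
from typing import Callable, Dict, List


class CapturingHandler(logging.Handler):
    """Collects formatted records so the result can be inspected rather than printed."""

    def __init__(self) -> None:
        super().__init__()
        self.lines: List[str] = []

    def emit(self, record: logging.LogRecord) -> None:
        self.lines.append(f"{record.name} {record.levelname} {record.getMessage()}")


class PropertyRegistry:
    """DCPL-like property store (hypothetical): every property has a validator
    that checks type and range, and a listener that applies the new value
    immediately, so no component restart is needed."""

    def __init__(self) -> None:
        self._validators: Dict[str, Callable[[str], object]] = {}
        self._listeners: Dict[str, Callable[[object], None]] = {}
        self.values: Dict[str, object] = {}

    def register(self, key: str, validator, listener, default: str) -> None:
        self._validators[key] = validator
        self._listeners[key] = listener
        self.set(key, default)

    def set(self, key: str, raw: str) -> object:
        value = self._validators[key](raw)   # raises ValueError when out of range
        self.values[key] = value
        self._listeners[key](value)          # takes effect at once
        return value


LEVELS = ("DEBUG", "INFO", "WARNING", "ERROR")


def log_level(raw: str) -> str:
    """Range check for a log-level property: only the names in LEVELS are valid."""
    value = str(raw).upper()
    if value not in LEVELS:
        raise ValueError(f"log level must be one of {LEVELS}, got {raw!r}")
    return value


def level_listener(component: str) -> Callable[[object], None]:
    """Return a listener that sets the level of one component's logger."""
    return lambda value: logging.getLogger(component).setLevel(getattr(logging, str(value)))


def run_demo() -> List[str]:
    """Subcomponent 'isc.provisioning.ipsec' inherits the level of component
    'isc.provisioning'; changing the property at runtime changes what is emitted."""
    handler = CapturingHandler()
    top = logging.getLogger("isc")
    top.handlers.clear()
    top.addHandler(handler)
    top.propagate = False                      # keep the demo off the root logger

    registry = PropertyRegistry()
    registry.register("isc.provisioning.loglevel", log_level,
                      level_listener("isc.provisioning"), "INFO")

    ipsec = logging.getLogger("isc.provisioning.ipsec")
    ipsec.setLevel(logging.NOTSET)             # no own level: inherit from parent
    ipsec.debug("transform-set computed")      # dropped: effective level is INFO
    ipsec.info("tunnel list built")

    registry.set("isc.provisioning.loglevel", "debug")   # runtime change, no restart
    ipsec.debug("transform-set computed")      # now emitted
    return handler.lines


def invalid_level_is_rejected() -> bool:
    """A value outside the declared range never reaches the logger."""
    try:
        log_level("verbose")
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("\n".join(run_demo()))
```

Because the subcomponent logger has no level of its own, one property on the component controls every subcomponent beneath it, while a subcomponent can still be given an explicit level when a single module needs debug output without flooding the rest.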
MPLS Features Porting from VPNSC 2.x
The new data-driven provisioning engine was used to make the VPNSC 2.x MPLS provisioning and auditing features available in ISC 3.0 MPLS VPN Management. The new simplified service model and much lighter provisioning engine are expected to translate to much higher performance for MPLS provisioning compared to the VPNSC 2.x releases.
In VPNSC 2.x, the service model was centered on the PE-CE link: provisioning a PE-CE link required a service request, and the provisioning state was associated with that service request. In ISC 3.0 there is a paradigm shift: a service request can contain one or more MPLS VPN links, and each MPLS VPN link can contain multiple Layer 2 links. Thus, MPLS VPN is not restricted to a single-hop PE-CE link but can also support multi-hop PE-CE links.
MPLS VPN Enhancements
The following enhancements have been added to the MPLS VPN Management since VPNSC, 2.2:
• "Enhanced Interior Gateway Routing Protocol (EIGRP) Between CE - PE" section
• "Layer 2 Access to MPLS VPNs" section
• "MPLS Features Porting from VPNSC 2.x" section
• "MPLS VPN Management Schema Changes" section
• "Multi-VRF CE Support" section
• "Network-based IPsec VPN: Mapping IPsec into MPLS VPN" section
• "PE Only Provisioning" section
MPLS VPN Management Schema Changes
The following are the major schema changes introduced in ISC 3.0:
• A service request is no longer just a CE-PE link. Each service request provisions a set of CE-PE links, each called an MPLS VPN Link.
• Each MPLS VPN Link can contain a list of PtToPtLinks when there are multiple switches between the CE and PE that also need to be provisioned by ISC.
• A new MPLS policy schema object specifies which attribute values you must enter and which are taken from the policy itself.
Multicast MPLS VPN
MPLS VPNs provide only unicast data service. If the customer sites have a multicast application, it would not work across the customer sites. For this support, the PE routers, with the help of the provider core network, must be able to route multicast control and data traffic from the customer networks. The approach Cisco IOS has selected to implement this feature tries to strike a balance between the amount of state that must be maintained in the provider core network and forwarding efficiency for the multicast traffic from customer networks.
ISC 3.0 provisions multicast support for MPLS/BGP VPNs. This results in customer multicast traffic being carried in the provider core with the help of multicast tunnels created in the provider core. To use this feature, the provider core network must be multicast enabled.
Multi-VRF CE Support
In VPNSC 2.2, multi-VRF CE support requires the creation of one service request with templates. In ISC 3.0 MPLS VPN Management, a single service request provisions a multi-VRF CE.
NAT Management (Cisco IOS and PIX)
Network Address Translation (NAT) is new in ISC 3.0. It supports static and dynamic address translation on Cisco IOS and PIX devices. The static translations can be either host-based, port-based, or network-based. The dynamic translations can use either an address pool or an interface name.
A NAT service request does network address translation on internet bound traffic and allows site-to-site traffic to do no-NAT. A NAT service request also supports sites with overlapping addresses, in which both internet bound and site-to-site traffic will be natted. In addition, for overlapping Cisco IOS devices, a NAT service request also supports alternative pools for site-to-site traffic, so that internet bound traffic and site-to-site traffic can use different address pools.
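As an added example (not ISC code; the NatSite model, the pool names and the site addresses are constructed for the illustration), the following Python encodes the decision rules the two paragraphs describe and runs them over sample flows: internet-bound traffic is translated through the internet pool, site-to-site traffic is left untranslated unless the site's addresses overlap a peer's, and an overlapping site on Cisco IOS can send site-to-site traffic through an alternative pool, while a site with no alternative pool configured (the PIX case) uses the same pool for both. Site-to-site traffic is recognised here simply by the destination falling in a configured peer range.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Dict, List, Optional


@dataclass
class NatSite:
    """NAT view of one customer site (hypothetical model). internet_pool is the
    dynamic pool or interface used for internet-bound traffic; site_to_site_pool
    is the alternative pool for overlapping sites on Cisco IOS, None where the
    platform has none."""
    name: str
    inside: IPv4Network
    peers: List[IPv4Network]
    internet_pool: str
    site_to_site_pool: Optional[str] = None

    def overlapping(self) -> bool:
        """True when this site's inside range collides with a peer site's range."""
        return any(self.inside.overlaps(p) for p in self.peers)


def nat_decision(site: NatSite, src: str, dst: str) -> str:
    """Return what happens to a packet leaving the site: 'no-nat' or
    'translate:<pool>'. A source outside the site's inside range is an error,
    because a NAT rule must never apply to addresses it was not written for."""
    s, d = ip_address(src), ip_address(dst)
    if s not in site.inside:
        raise ValueError(f"{src} is not inside {site.name} ({site.inside})")
    site_to_site = any(d in p for p in site.peers)
    if not site_to_site:
        return f"translate:{site.internet_pool}"          # internet bound
    if not site.overlapping():
        return "no-nat"                                    # plain site-to-site
    return f"translate:{site.site_to_site_pool or site.internet_pool}"


def demo() -> Dict[str, str]:
    """Constructed sample sites; returns the decision for each sample flow."""
    plain = NatSite("branch-1", ip_network("10.0.0.0/24"),
                    [ip_network("10.0.1.0/24")], "POOL-INET")
    ios_overlap = NatSite("branch-2", ip_network("10.0.0.0/24"),
                          [ip_network("10.0.0.0/24")], "POOL-INET", "POOL-S2S")
    pix_overlap = NatSite("branch-3", ip_network("10.0.0.0/24"),
                          [ip_network("10.0.0.0/24")], "POOL-INET")
    return {
        "plain internet": nat_decision(plain, "10.0.0.5", "203.0.113.9"),
        "plain site-to-site": nat_decision(plain, "10.0.0.5", "10.0.1.7"),
        "ios overlap site-to-site": nat_decision(ios_overlap, "10.0.0.5", "10.0.0.77"),
        "ios overlap internet": nat_decision(ios_overlap, "10.0.0.5", "203.0.113.9"),
        "pix overlap site-to-site": nat_decision(pix_overlap, "10.0.0.5", "10.0.0.77"),
    }


if __name__ == "__main__":
    for flow, result in demo().items():
        print(f"{flow}: {result}")
```

Keeping the two pools apart on the overlapping IOS site means the provider can audit which translated addresses belong to VPN traffic and which to internet traffic, which is the practical reason the page lists the alternative pool as a separate capability.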
Network-based IPsec VPN: Mapping IPsec into MPLS VPN
ISC 3.0 supports mapping of IPsec tunnels into existing MPLS VPNs. This provides connectivity from off-net sites of a customer VPN across the internet through IPsec tunnels and mapping them into a customer's MPLS VPN. Similarly, this provides remote access into a given customer's MPLS VPN from an IPsec client connected to the internet, for example from a Microsoft® Windows workstation running a Cisco VPN client. The IPsec aggregator router resides on the service provider premises, and terminates IPsec tunnels from off-net customer CE routers or from IPsec remote clients.
The IPsec aggregator can be either a PE or a Multi-VRF CE router, and must run Cisco IOS release 12.2(15)T1 or later. The CE routers may run any Cisco IOS image 12.2(11)T or later. The IPsec remote client is Cisco VPN Client Release 3.0 or later.
Northbound APIs
Continuing the tradition of the VPNSC 2.x releases, northbound APIs drive ISC for all service provisioning that can occur through the GUI.
Note
The MPLS API is also backwardly compatible to release 2.x.
ISC 3.0 API is based on the HTTP/HTTPS/XML/SOAP standard.
The APIs provide the following functionality, with full lifecycle support (create, delete, modify, and view) unless noted otherwise.
• Inventory
– Devices
– Device Groups
– Customers
– Customer Sites
– CPE Devices
– Providers
– Provider Regions
– PE Devices
– Access Domains
– Resource Pools
– VPN
– CERC
– AAA
– CE/CLE-PE Links (NPC)
– Catalyst
– PIX Firewall Device
– Catalyst3000
• Service Design and Provisioning
– MPLS policy and service request
– QoS policy and service request (modify is not supported by API)
– L2VPN policy and service request
– Tasks (without modify support)
– Templates
• Infrastructure
– Session login
– Error handling
– Role Based Access Control (RBAC)
– HTTP
PE Only Provisioning
In VPNSC 2.x, MPLS VPN Management required that a PE object and a CE object be created in VPNSC. In ISC 3.0, this setup is still valid, plus now you can manage an MPLS VPN link with just a PE, and a CE object is not required.
PING Monitoring
New in ISC 3.0 is the PING Monitoring tool, which enables you to select one or more MPLS service requests and perform VRF PING between the MPLS PE and CE, or perform regular PING among the CEs. The PING Monitoring tool then generates a report of the results of the PING operation. Similarly, you may select one or more IPsec service requests in the PING Monitoring tool and perform PING among the IPsec VPN nodes, either through the IPsec tunnels or outside the tunnels. The result is again provided in a report.
QoS Provisioning
New in ISC 3.0 is Quality of Service (QoS) provisioning. A QoS policy object records the details of the QoS information. A QoS service request object binds the QoS policy to a collection of access circuits. The QoSLink object denotes the access circuit between a CE and PE to which we want to apply the QoS policy.
Remote Access IPsec for Cisco IOS and PIX
In addition to Remote Access for the VPN 3000 Concentrator, available in VPNSC 2.1, this release adds Remote Access IPsec support for the Cisco IOS router and PIX firewall platforms. This enables remote users to use the Cisco VPN Client Release 3.0 or later to establish an IPsec tunnel from their workstation, for example a Microsoft® Windows workstation, to the IPsec gateway. Cisco IOS release 12.2(11)T or later is required for this.
Repository Import and Export
For ISC 3.0, only use your Sybase ASA or Oracle Import and Export tools.
Repository Migration
Caution
Repositories used with VPNSC 1.x and 2.x releases must be migrated to use them with ISC.
This is explained in Chapter 2, "Installing and Logging Into ISC," in the Cisco IP Solution Center Installation Guide, 3.0 (Part Number: OL-4341).
Security Management
Security Management replaces what was called IP security (IPsec) in previous VPNSC releases. The new features are listed separately. The services in this release are as follows:
• Site-to-Site IPsec, which supports:
– Cisco IOS Router (all four policies: IPsec; GRE + IPsec; DMVPN; and EZVPN)
– PIX Firewall (2 policies: IPsec and EZVPN)
– VPN 3000 Concentrator (1 policy: IPsec)
• Remote Access IPsec, which supports:
– Cisco IOS Router
– PIX Firewall
– VPN 3000 Concentrator
• Firewall, which supports:
– Cisco IOS Router
– PIX Firewall
• Network Address Translation (NAT), which supports:
– Cisco IOS Router
– PIX Firewall
Security Management Enhancements
The following enhancements have been added to Security Management since VPNSC, Release 2.2, when it was IPsec only:
• "Advanced Encryption Standard (AES)" section
• DMVPN provisioning support, see the "Site-to-Site IPsec" section
• "Dynamic Crypto Map for Cisco IOS and PIX" section
• Easy VPN provisioning support, see the "Site-to-Site IPsec" section
• "Firewall Management (Cisco IOS and PIX)" section
• "IPsec Features Porting from VPNSC 2.x" section
• "IPsec Functional Audit" section
• "NAT Management (Cisco IOS and PIX)" section
• "Remote Access IPsec for Cisco IOS and PIX" section
Service Level Agreement (SLA) Configuration and Collection Task
The Service Level Agreement (SLA) and the configuration and collection task were ported to take advantage of the new scalable architecture.
Additionally, collection is available more frequently than on the hourly boundary.
Site of Origin
Site of Origin (SOO) is a concept in the MPLS VPN architecture that prevents routing loops in a site that is multi-homed to the MPLS VPN backbone, and in a site that uses AS-OVERRIDE. SOO is a BGP extended community attribute that identifies the site from which a route originated, so that the route is not advertised back to that site. The attribute uniquely identifies the site from which the PE router learned the route. SOO is tagged at the PE, on its peering with BGP neighbors, using an inbound route-map, and works in conjunction with the BGP CE-PE routing protocol.
SOO must be unique for each customer site for each VPN. Therefore, the same value of SOO must be used on PE routers connected to the same CE router or to the same customer site. The following format can be used to address an SOO extended-community-value: <as number>:<value>.
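As an added illustration (not configuration from this document or generated by ISC), the following constructed Cisco IOS fragment applies the SOO extended community in <as number>:<value> form through an inbound route-map on the VRF BGP peering of two PE routers that both connect to the same multi-homed customer site; because the value is identical on both PEs, neither PE readvertises the site's own routes back to it. The provider AS, VRF name, CE addresses, customer AS and the SOO value 65000:100 are all assumed.

```text
! Constructed example, not ISC-generated output. Assumed values:
!   provider AS 65000, VRF CUST_A, customer AS 65001
!   CE site 1 peers with PE1 from 10.1.1.2 and with PE2 from 10.1.2.2
!   SOO for site 1 = 65000:100 (must be the same on every PE facing this site)
!
! ----- PE1 -----
route-map SET_SOO_SITE1 permit 10
 set extcommunity soo 65000:100
!
router bgp 65000
 address-family ipv4 vrf CUST_A
  neighbor 10.1.1.2 remote-as 65001
  neighbor 10.1.1.2 activate
  neighbor 10.1.1.2 as-override
  neighbor 10.1.1.2 route-map SET_SOO_SITE1 in
 exit-address-family
!
! ----- PE2 (same site, same SOO value, different CE address) -----
route-map SET_SOO_SITE1 permit 10
 set extcommunity soo 65000:100
!
router bgp 65000
 address-family ipv4 vrf CUST_A
  neighbor 10.1.2.2 remote-as 65001
  neighbor 10.1.2.2 activate
  neighbor 10.1.2.2 as-override
  neighbor 10.1.2.2 route-map SET_SOO_SITE1 in
 exit-address-family
!
! A second site of the same VPN gets a different value, e.g. 65000:101.
! Verify the attribute on a learned route with:
!   show ip bgp vpnv4 vrf CUST_A <prefix>
```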
Site-to-Site IPsec
What in previous releases of VPNSC was known as LAN-to-LAN is now known as Site-to-Site IPsec and there is now support for the following four policies:
• IPsec, which supports the Cisco IOS, PIX, and VPN 3000 platforms
• Generic Routing Encapsulation (GRE) + IPsec policy, which supports only the Cisco IOS platform
• Dynamic Multipoint Virtual Private Network (DMVPN) policy, which supports only the Cisco IOS platform
• Easy VPN (EZVPN), which supports the Cisco IOS, PIX, and VPN 3000 platforms on the EZVPN server side, and Cisco IOS and PIX on the EZVPN client side
DMVPN and EZVPN are the two new site-to-site IPsec policies available in ISC 3.0.
DMVPN allows you to better scale large IPsec VPNs by combining multipoint GRE tunnels, IPsec, and Next Hop Resolution Protocol (NHRP). DMVPN supports dynamic tunnel creation for spoke-to-spoke tunnels. It also supports nodes with dynamically assigned IP addresses. To use DMVPN, Cisco IOS release 12.2(15)T or later is required. ISC 3.0 supports DMVPN provisioning.
EZVPN allows most VPN parameters to be defined on the IPsec server, which can be a VPN 3000 concentrator, a Cisco IOS router, or a PIX firewall. EZVPN client support on PIX requires PIX Release 6.3. The EZVPN client uses the Cisco Unity client protocol to establish a tunnel with the server. ISC 3.0 supports provisioning both the server and the clients. It also supports both network extension mode and client mode.
SNMP Service
The CORBA implementation of the poller is replaced by a pure Java implementation and fits into the new distributed infrastructure. All the generic MIB collections utilize the new poller implementation. Also, the MIB collection is extended (device, interface, module, and VLAN) for the QoS constraint engine to have enough information to generate a correct configuration.
Watchdog Distributed
The Watchdog manages and monitors components on all distributed servers. Through the GUI, you can manage all the remote servers from a central location. The configuration changes are made effective on the remote server through DCPL (see the "Dynamic Component Properties Library (DCPL) Replaces csm.properties" section). The master Watchdog in the control tier machine (see the "Control Tier" section) keeps track of the heartbeats from all the remote Watchdogs of remote hosts.
System Recommendations
The system recommendations and requirements are listed in Chapter 1, "System Recommendations" of the Cisco IP Solution Center Installation Guide, 3.0 (Part Number: OL-4341). The recommendation is to thoroughly review this list before even planning your installation, to be sure you have all the hardware and software you need to successfully install.
Known Problems in Cisco IP Solution Center, Release 3.0
To find known problems in Cisco IP Solution Center, use the following URL:
http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl
You need to log in to CCO.
You can search for specific bugs or search for a range by product name. This tool enables you to query for keywords, severity, range, or version.
The results display bug ID and title, found-in version, fixed-in version, and status. The bug ID is a hyperlink to detailed information for the bug ID's product, component, severity, first found-in, and release notes.
The results can be displayed in a feature matrix or spreadsheet.
Obtaining Documentation
Cisco provides several ways to obtain documentation, technical assistance, and other technical resources. These sections explain how to obtain technical information from Cisco Systems.
Cisco.com
You can access the most current Cisco documentation on the World Wide Web at this URL:
http://www.cisco.com/univercd/home/home.htm
You can access the Cisco website at this URL:
International Cisco web sites can be accessed from this URL:
http://www.cisco.com/public/countries_languages.shtml
Documentation CD-ROM
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which may have shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.
Registered Cisco.com users can order the Documentation CD-ROM (product number DOC-CONDOCCD=) through the online Subscription Store:
http://www.cisco.com/go/subscription
Ordering Documentation
You can find instructions for ordering documentation at this URL:
http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
You can order Cisco documentation in these ways:
• Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Networking Products MarketPlace:
http://www.cisco.com/en/US/partner/ordering/index.shtml
• Registered Cisco.com users can order the Documentation CD-ROM (Customer Order Number DOC-CONDOCCD=) through the online Subscription Store:
http://www.cisco.com/go/subscription
• Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, U.S.A.) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).
Documentation Feedback
You can submit comments electronically on Cisco.com. On the Cisco Documentation home page, click Feedback at the top of the page.
You can e-mail your comments to bug-doc@cisco.com.
You can submit your comments by mail by using the response card behind the front cover of your document or by writing to the following address:
Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883
We appreciate your comments.
Obtaining Technical Assistance
Cisco provides Cisco.com, which includes the Cisco Technical Assistance Center (TAC) Website, as a starting point for all technical assistance. Customers and partners can obtain online documentation, troubleshooting tips, and sample configurations from the Cisco TAC website. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC website, including TAC tools and utilities.
Cisco.com
Cisco.com offers a suite of interactive, networked services that let you access Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.
Cisco.com provides a broad range of features and services to help you with these tasks:
• Streamline business processes and improve productivity
• Resolve technical issues with online support
• Download and test software packages
• Order Cisco learning materials and merchandise
• Register for online skill assessment, training, and certification programs
To obtain customized information and service, you can self-register on Cisco.com at this URL:
Technical Assistance Center
The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two levels of support are available: the Cisco TAC website and the Cisco TAC Escalation Center. The avenue of support that you choose depends on the priority of the problem and the conditions stated in service contracts, when applicable.
We categorize Cisco TAC inquiries according to urgency:
• Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration.
• Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.
• Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available.
• Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available.
Cisco TAC Website
You can use the Cisco TAC website to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC website, go to this URL:
All customers, partners, and resellers who have a valid Cisco service contract have complete access to the technical support resources on the Cisco TAC website. Some services on the Cisco TAC website require a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to this URL to register:
http://tools.cisco.com/RPF/register/register.do
If you are a Cisco.com registered user, and you cannot resolve your technical issues by using the Cisco TAC website, you can open a case online at this URL:
http://www.cisco.com/en/US/support/index.html
If you have Internet access, we recommend that you open P3 and P4 cases through the Cisco TAC website so that you can describe the situation in your own words and attach any necessary files.
Cisco TAC Escalation Center
The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). When you call the center, please have available your service agreement number and your product serial number.
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is available from various online and printed sources.
• The Cisco Product Catalog describes the networking products offered by Cisco Systems as well as ordering and customer support services. Access the Cisco Product Catalog at this URL:
http://www.cisco.com/en/US/products/products_catalog_links_launch.html
• Cisco Press publishes a wide range of networking publications. Cisco suggests these titles for new and experienced users: Internetworking Terms and Acronyms Dictionary, Internetworking Technology Handbook, Internetworking Troubleshooting Guide, and the Internetworking Design Guide. For current Cisco Press titles and other information, go to Cisco Press online at this URL:
• Packet magazine is the Cisco monthly periodical that provides industry professionals with the latest information about the field of networking. You can access Packet magazine at this URL: