Cisco IP Solution Center Security User Guide, 3.0 - About This Guide [Cisco IP Solution Center]

Table Of Contents

About This Guide

Document Objectives

Audience

Document Organization

Document Conventions

Related Documentation

Obtaining Documentation

Cisco.com

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco.com

Technical Assistance Center

Cisco TAC Website

Cisco TAC Escalation Center

Obtaining Additional Publications and Information

About This Guide

This preface introduces the Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0 and contains the following sections:

•Document Objectives

•Audience

•Document Organization

•Document Conventions

•Related Documentation

•Obtaining Documentation

•Obtaining Technical Assistance

•Obtaining Additional Publications and Information

Document Objectives

This guide contains information on how to use ISC 3.0 security management features.

Note You must use this guide in conjunction with the Cisco IP Solution Center Infrastructure Reference, 3.0. These two guides, the Cisco IP Solution Center Infrastructure Reference, 3.0 and Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0 are intended to be used together.

Audience

This guide is for network administrators and managers who perform any of the following tasks:

•Manage network security

•Manage site-to-site network services

•Manage IPsec or VPN services

•Manage firewalls

•Configure network address translation (NAT)

Document Organization

The Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0 includes the following chapters:

•"Contents" lists all sections included in this guide.

•"Figures" lists all figures in this guide.

•"Tables" lists all tables in this guide.

•"About This Guide" introduces the Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0, describes the documentation conventions used in this guide, and supplies Cisco technical support contact information.

•"ISC Security Concepts," introduces you to the ISC security management implementation.

•"Preparing for Security Provisioning," contains information on how to begin security provisioning with ISC.

•"Site-to-Site VPN Services," is a task-oriented chapter on how to set up site-to-site VPN services.

•"Remote Access VPN Services," is a task-oriented chapter on how to set up remote access services.

•"NAT Services," is a task-oriented chapter on how to set up network address translation (NAT) services.

•"Firewall Services," is a task-oriented chapter on how to set up firewall services.

•"Provisioning Services," contains task-oriented ISC service request deployment and maintenance information.

•"Index" lists the topics covered in this guide and their corresponding page numbers.

Document Conventions

The graphical user interface (GUI) description in this guide uses the following conventions:

•Boldface indicates buttons, drop-down lists, and menu items.

•Selecting an item or new window is indicated by the following convention:

Click Start > Settings > Control Panel.

In this convention, only the name of the item is included. For example, "Start" is used instead of "the Start button," and "Click Start > Settings > Control Panel" is equivalent to saying "Click Start, then click Settings, and then click Control Panel."

Examples in this guide use the following conventions:

•Examples of ISC configlets are in screen font.

•Information you need to enter directly into a configlet is shown in boldface screen font.

•Variables for which you must supply a value are shown in italic times font.

Configlet syntax descriptions use these conventions:

•Braces ({ }) indicate a required choice.

•Square brackets ([ ]) indicate optional elements.

•Vertical bars ( | ) separate alternative, mutually exclusive elements.

•Boldface indicates commands and keywords that are entered literally as shown.

•Italics indicate arguments for which you supply values.

Note The "note" callout means reader take note. Notes contain helpful information or references to complimentary material.

Related Documentation

The complete ISC documentation set is as follows:

•Release Notes for Cisco IP Solution Center, 3.0

•Cisco IP Solution Center Installation Guide, 3.0

•Cisco IP Solution Center Infrastructure Reference, 3.0

•Cisco IP Solution Center, 3.0: L2VPN Management User Guide, 3.0

•Cisco IP Solution Center, 3.0: MPLS VPN Management User Guide, 3.0

•Cisco IP Solution Center, 3.0: Quality of Service Management User Guide, 3.0

•Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0

Obtaining Documentation

Cisco provides several ways to obtain documentation, technical assistance, and other technical resources. These sections explain how to obtain technical information from Cisco Systems.

Cisco.com

You can access the most current Cisco documentation on the World Wide Web at this URL:

http://www.cisco.com/univercd/home/home.htm

You can access the Cisco website at this URL:

http://www.cisco.com

International Cisco websites can be accessed from this URL:

http://www.cisco.com/public/countries_languages.shtml

Documentation CD-ROM

Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which may have shipped with your product. The Documentation CD-ROM is updated regularly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual or quarterly subscription.

Registered Cisco.com users can order a single Documentation CD-ROM (product number DOC-CONDOCCD=) through the Cisco Ordering tool:

http://www.cisco.com/en/US/partner/ordering/ordering_place_order_ordering_tool_launch.html

All users can order monthly or quarterly subscriptions through the online Subscription Store:

http://www.cisco.com/go/subscription

Ordering Documentation

You can find instructions for ordering documentation at this URL:

http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm

You can order Cisco documentation in these ways:

•Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Networking Products MarketPlace:

http://www.cisco.com/en/US/partner/ordering/index.shtml

•Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, U.S.A.) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).

Documentation Feedback

You can submit comments electronically on Cisco.com. On the Cisco Documentation home page, click Feedback at the top of the page.

You can e-mail your comments to bug-doc@cisco.com.

You can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address:

Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

Cisco provides Cisco.com, which includes the Cisco Technical Assistance Center (TAC) website, as a starting point for all technical assistance. Customers and partners can obtain online documentation, troubleshooting tips, and sample configurations from the Cisco TAC website. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC website, including TAC tools and utilities.

Cisco.com

Cisco.com offers a suite of interactive, networked services that let you access Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.

Cisco.com provides a broad range of features and services to help you with these tasks:

•Streamline business processes and improve productivity

•Resolve technical issues with online support

•Download and test software packages

•Order Cisco learning materials and merchandise

•Register for online skill assessment, training, and certification programs

To obtain customized information and service, you can self-register on Cisco.com at this URL:

http://tools.cisco.com/RPF/register/register.do

Technical Assistance Center

The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available: the Cisco TAC website and the Cisco TAC Escalation Center. The type of support that you choose depends on the priority of the problem and the conditions stated in service contracts, when applicable.

We categorize Cisco TAC inquiries according to urgency:

•Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration. There is little or no impact to your business operations.

•Priority level 3 (P3)—Operational performance of the network is impaired, but most business operations remain functional. You and Cisco are willing to commit resources during normal business hours to restore service to satisfactory levels.

•Priority level 2 (P2)—Operation of an existing network is severely degraded, or significant aspects of your business operations are negatively impacted by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.

•Priority level 1 (P1)—An existing network is "down," or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.

Cisco TAC Website

The Cisco TAC website provides online documents and tools to help troubleshoot and resolve technical issues with Cisco products and technologies. To access the Cisco TAC website, go to this URL:

http://www.cisco.com/tac

All customers, partners, and resellers who have a valid Cisco service contract have complete access to the technical support resources on the Cisco TAC website. Some services on the Cisco TAC website require a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to this URL to register:

http://tools.cisco.com/RPF/register/register.do

If you are a Cisco.com registered user, and you cannot resolve your technical issues by using the Cisco TAC website, you can open a case online at this URL:

http://www.cisco.com/tac/caseopen

If you have Internet access, we recommend that you open P3 and P4 cases online so that you can fully describe the situation and attach any necessary files.

Cisco TAC Escalation Center

The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case.

To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to this URL:

http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml

Before calling, please check with your network operations center to determine the Cisco support services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). When you call the center, please have available your service agreement number and your product serial number.

Obtaining Additional Publications and Information

Information about Cisco products, technologies, and network solutions is available from various online and printed sources.

•The Cisco Product Catalog describes the networking products offered by Cisco Systems, as well as ordering and customer support services. Access the Cisco Product Catalog at this URL:

http://www.cisco.com/en/US/products/products_catalog_links_launch.html

•Cisco Press publishes a wide range of networking publications. Cisco suggests these titles for new and experienced users: Internetworking Terms and Acronyms Dictionary, Internetworking Technology Handbook, Internetworking Troubleshooting Guide, and the Internetworking Design Guide. For current Cisco Press titles and other information, go to Cisco Press online at this URL:

http://www.ciscopress.com

•Packet magazine is the Cisco quarterly publication that provides the latest networking trends, technology breakthroughs, and Cisco products and solutions to help industry professionals get the most from their networking investment. Included are networking deployment and troubleshooting tips, configuration examples, customer case studies, tutorials and training, certification information, and links to numerous in-depth online resources. You can access Packet magazine at this URL:

http://www.cisco.com/go/packet

•iQ Magazine is the Cisco bimonthly publication that delivers the latest information about Internet business strategies for executives. You can access iQ Magazine at this URL:

http://www.cisco.com/go/iqmagazine

•Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:

http://www.cisco.com/en/US/about/ac123/ac147/about_cisco_the_internet_protocol_journal.html

•Training—Cisco offers world-class networking training. Current offerings in network training are listed at this URL:

http://www.cisco.com/en/US/learning/le31/learning_recommended_training_list.html

	Cisco IP Solution Center Security User Guide, 3.0
	About This Guide
Cisco IP Solution Center Security User Guide, 3.0 Index About This Guide ISC Security Concepts Preparing for Security Provisioning Site-to-Site VPN Services Remote Access VPN Services NAT Services Firewall Services Provisioning Services Updating and Modifying Pre-shared Keys	Download this chapter About This Guide Download the complete book Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0 - Whole Book PDF (PDF - 4 MB) Feedback Table Of Contents About This Guide Document Objectives Audience Document Organization Document Conventions Related Documentation Obtaining Documentation Cisco.com Documentation CD-ROM Ordering Documentation Documentation Feedback Obtaining Technical Assistance Cisco.com Technical Assistance Center Cisco TAC Website Cisco TAC Escalation Center Obtaining Additional Publications and Information About This Guide This preface introduces the Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0 and contains the following sections: •Document Objectives •Audience •Document Organization •Document Conventions •Related Documentation •Obtaining Documentation •Obtaining Technical Assistance •Obtaining Additional Publications and Information Document Objectives This guide contains information on how to use ISC 3.0 security management features. Note You must use this guide in conjunction with the Cisco IP Solution Center Infrastructure Reference, 3.0. These two guides, the Cisco IP Solution Center Infrastructure Reference, 3.0 and Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0 are intended to be used together. Audience This guide is for network administrators and managers who perform any of the following tasks: •Manage network security •Manage site-to-site network services •Manage IPsec or VPN services •Manage firewalls •Configure network address translation (NAT) Document Organization The Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0 includes the following chapters: •"Contents" lists all sections included in this guide. •"Figures" lists all figures in this guide. •"Tables" lists all tables in this guide. •"About This Guide" introduces the Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0, describes the documentation conventions used in this guide, and supplies Cisco technical support contact information. •"ISC Security Concepts," introduces you to the ISC security management implementation. •"Preparing for Security Provisioning," contains information on how to begin security provisioning with ISC. •"Site-to-Site VPN Services," is a task-oriented chapter on how to set up site-to-site VPN services. •"Remote Access VPN Services," is a task-oriented chapter on how to set up remote access services. •"NAT Services," is a task-oriented chapter on how to set up network address translation (NAT) services. •"Firewall Services," is a task-oriented chapter on how to set up firewall services. •"Provisioning Services," contains task-oriented ISC service request deployment and maintenance information. •"Index" lists the topics covered in this guide and their corresponding page numbers. Document Conventions The graphical user interface (GUI) description in this guide uses the following conventions: •Boldface indicates buttons, drop-down lists, and menu items. •Selecting an item or new window is indicated by the following convention: Click Start > Settings > Control Panel. In this convention, only the name of the item is included. For example, "Start" is used instead of "the Start button," and "Click Start > Settings > Control Panel" is equivalent to saying "Click Start, then click Settings, and then click Control Panel." Examples in this guide use the following conventions: •Examples of ISC configlets are in `screen` font. •Information you need to enter directly into a configlet is shown in boldface screen font. •Variables for which you must supply a value are shown in italic times font. Configlet syntax descriptions use these conventions: •Braces ({ }) indicate a required choice. •Square brackets ([ ]) indicate optional elements. •Vertical bars ( \| ) separate alternative, mutually exclusive elements. •Boldface indicates commands and keywords that are entered literally as shown. •Italics indicate arguments for which you supply values. Note The "note" callout means reader take note. Notes contain helpful information or references to complimentary material. Related Documentation The complete ISC documentation set is as follows: •Release Notes for Cisco IP Solution Center, 3.0 •Cisco IP Solution Center Installation Guide, 3.0 •Cisco IP Solution Center Infrastructure Reference, 3.0 •Cisco IP Solution Center, 3.0: L2VPN Management User Guide, 3.0 •Cisco IP Solution Center, 3.0: MPLS VPN Management User Guide, 3.0 •Cisco IP Solution Center, 3.0: Quality of Service Management User Guide, 3.0 •Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0 Obtaining Documentation Cisco provides several ways to obtain documentation, technical assistance, and other technical resources. These sections explain how to obtain technical information from Cisco Systems. Cisco.com You can access the most current Cisco documentation on the World Wide Web at this URL: http://www.cisco.com/univercd/home/home.htm You can access the Cisco website at this URL: http://www.cisco.com International Cisco websites can be accessed from this URL: http://www.cisco.com/public/countries_languages.shtml Documentation CD-ROM Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which may have shipped with your product. The Documentation CD-ROM is updated regularly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual or quarterly subscription. Registered Cisco.com users can order a single Documentation CD-ROM (product number DOC-CONDOCCD=) through the Cisco Ordering tool: http://www.cisco.com/en/US/partner/ordering/ordering_place_order_ordering_tool_launch.html All users can order monthly or quarterly subscriptions through the online Subscription Store: http://www.cisco.com/go/subscription Ordering Documentation You can find instructions for ordering documentation at this URL: http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm You can order Cisco documentation in these ways: •Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Networking Products MarketPlace: http://www.cisco.com/en/US/partner/ordering/index.shtml •Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, U.S.A.) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387). Documentation Feedback You can submit comments electronically on Cisco.com. On the Cisco Documentation home page, click Feedback at the top of the page. You can e-mail your comments to bug-doc@cisco.com. You can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address: Cisco Systems Attn: Customer Document Ordering 170 West Tasman Drive San Jose, CA 95134-9883 We appreciate your comments. Obtaining Technical Assistance Cisco provides Cisco.com, which includes the Cisco Technical Assistance Center (TAC) website, as a starting point for all technical assistance. Customers and partners can obtain online documentation, troubleshooting tips, and sample configurations from the Cisco TAC website. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC website, including TAC tools and utilities. Cisco.com Cisco.com offers a suite of interactive, networked services that let you access Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world. Cisco.com provides a broad range of features and services to help you with these tasks: •Streamline business processes and improve productivity •Resolve technical issues with online support •Download and test software packages •Order Cisco learning materials and merchandise •Register for online skill assessment, training, and certification programs To obtain customized information and service, you can self-register on Cisco.com at this URL: http://tools.cisco.com/RPF/register/register.do Technical Assistance Center The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available: the Cisco TAC website and the Cisco TAC Escalation Center. The type of support that you choose depends on the priority of the problem and the conditions stated in service contracts, when applicable. We categorize Cisco TAC inquiries according to urgency: •Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration. There is little or no impact to your business operations. •Priority level 3 (P3)—Operational performance of the network is impaired, but most business operations remain functional. You and Cisco are willing to commit resources during normal business hours to restore service to satisfactory levels. •Priority level 2 (P2)—Operation of an existing network is severely degraded, or significant aspects of your business operations are negatively impacted by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation. •Priority level 1 (P1)—An existing network is "down," or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation. Cisco TAC Website The Cisco TAC website provides online documents and tools to help troubleshoot and resolve technical issues with Cisco products and technologies. To access the Cisco TAC website, go to this URL: http://www.cisco.com/tac All customers, partners, and resellers who have a valid Cisco service contract have complete access to the technical support resources on the Cisco TAC website. Some services on the Cisco TAC website require a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to this URL to register: http://tools.cisco.com/RPF/register/register.do If you are a Cisco.com registered user, and you cannot resolve your technical issues by using the Cisco TAC website, you can open a case online at this URL: http://www.cisco.com/tac/caseopen If you have Internet access, we recommend that you open P3 and P4 cases online so that you can fully describe the situation and attach any necessary files. Cisco TAC Escalation Center The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case. To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to this URL: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml Before calling, please check with your network operations center to determine the Cisco support services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). When you call the center, please have available your service agreement number and your product serial number. Obtaining Additional Publications and Information Information about Cisco products, technologies, and network solutions is available from various online and printed sources. •The Cisco Product Catalog describes the networking products offered by Cisco Systems, as well as ordering and customer support services. Access the Cisco Product Catalog at this URL: http://www.cisco.com/en/US/products/products_catalog_links_launch.html •Cisco Press publishes a wide range of networking publications. Cisco suggests these titles for new and experienced users: Internetworking Terms and Acronyms Dictionary, Internetworking Technology Handbook, Internetworking Troubleshooting Guide, and the Internetworking Design Guide. For current Cisco Press titles and other information, go to Cisco Press online at this URL: http://www.ciscopress.com •Packet magazine is the Cisco quarterly publication that provides the latest networking trends, technology breakthroughs, and Cisco products and solutions to help industry professionals get the most from their networking investment. Included are networking deployment and troubleshooting tips, configuration examples, customer case studies, tutorials and training, certification information, and links to numerous in-depth online resources. You can access Packet magazine at this URL: http://www.cisco.com/go/packet •iQ Magazine is the Cisco bimonthly publication that delivers the latest information about Internet business strategies for executives. You can access iQ Magazine at this URL: http://www.cisco.com/go/iqmagazine •Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL: http://www.cisco.com/en/US/about/ac123/ac147/about_cisco_the_internet_protocol_journal.html •Training—Cisco offers world-class networking training. Current offerings in network training are listed at this URL: http://www.cisco.com/en/US/learning/le31/learning_recommended_training_list.html
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks