Installation Guide for Cisco Security Manager 3.0.1
Index

Table Of Contents

A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - R - S - T - U - V - W -

Index

A

antivirus utilities, requirement to disable 5, 6

audience for this document ii

Auto Update Server (AUS)

documentation v

licensing 8

overview 4

B

bootstrapping devices 4

browsers

requirements

cache 2

client 8

server 6

See also Internet Explorer

See also Mozilla

C

C/C++ library files, where stored 9

Catalyst 6500/7600 Device Manager (DM6500/7600), overview 3

cautions, significance of iii

CD-ONE

unsupported use 4

certificates. See digital certificates

checklists

client, browser best practices 2

server

enhancing performance 2

installation readiness 5

post-installation tasks 2

security best practices 6

Cisco Marketplace xiii

Cisco Press xiii

Cisco Product Quick Reference Guide, obtaining xiii

Cisco product security

PSIRT x

vulnerability policy portal x

Cisco Security Agent

documentation 1

installation, conditions for 6

overview 6

policies

exported, on DVD 6, 3

imported, requirement to reconcile 3

standalone agent 6, 1

security levels

changing 3

default 3

understanding 3

troubleshooting 11, 1

uninstalling, recommendation against 3, 12

Cisco Security Manager

basic concepts 4

getting started 4

late-breaking information about ii

learning more about 4

logging in 3

overview 3

using 4

Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS)

date and time synchronization 5

interoperation with 5

overview i

CiscoView Device Manager

features in SecurityManager 3

unsupported use 4

See also Catalyst 6500/7600 Device Manager (DM 6500/7600)

CiscoWorks

CommonServices, overview 2

Monitoring Center for Performance. See Performance Monitor

Monitoring Center for Security. See Security Monitor

TCP ports

Daemon Manager 3

HTTP 3

VPN/Security Management Solution (VMS)

free upgrade from 4

migrating data to SecurityManager iv

client software

installing 5

InstallShield database corruption 5

logging in to a server 3

using 3

client systems

deleting Temp files 6

file locations on 9, 8

recommendation to delete Temp files 9

video (graphics) card drivers

confirming installed versions 7

upgrading 7

CMFLOCK.TXT file, deleting 13

Common Services

documentation 1

installing 1

licensing 8

required version 2

requirement to use 1

CSTM TCP port 4

D

database TCP port 3

date and time settings

caution against changing 5

recommendation to synchronize 1, 5

use of NTP servers 1

device bootstrapping 4

device credentials repository (DCR)

server process 5

TCP port 3

troubleshooting 5

digital certificates

requirement to create 2

troubleshooting 5

directory encryption, restriction against 6

documentation

audience for this ii

on Cisco.com viii, xi

on DVD-ROM viii

ordering ix

reviewing updated iii

typographical conventions in ii

documentation, obtaining

Auto Update Server v

Cisco SecurityAgent vii, 1

Cisco SecurityManager iv

CommonServices vi

IPSManager vi

PerformanceMonitor viii

Resource Manager Essentials (RME) vii

documentation feedback, sending to Cisco ii, ix

domain controllers (primary or backup), unsupported use 6

E

encrypted directories, restriction against 6

evaluation license

device count limitations 6

duration 6

upgrading to permanent license 7

Event Services software TCP port requirements

HTTP 4

listening 4

routing 4

services 4

F

FAQs, in the troubleshooting guide iv

files, where stored

Cisco Security Agent

logs 2

policies 6, 3

on client systems 9

on servers 9

file system recommendations 5

G

gatekeeper HIPO TCP port 3

getting started with Cisco SecurityManager 4

H

HTTP TCP port 3

I

installation

client software 5

InstallShield database corruption 5

planning and preparation ii

servers

dependencies 1

general requirements 1

GUI reference 1

post-installation tasks 2

preparatory tasks 1

starting an installation 5

troubleshooting 5

verifying 6

Internet Explorer

cache size requirement 6, 9

confirming the installed Java version 8

security settings 9

versions supported 6, 8

See also browsers

See also Mozilla

Internet Information Server (IIS)

conflict with SecurityManager 4, 6

requirement to uninstall 4, 6

Internet Inter-ORB Protocol (IIOP) TCP port 3

IP addresses

disabling dynamic addresses 5

static address requirement 6

using a static address 5

IPS database engine TCP port 3

IPS Manager

documentation vi

importing IPSMC2.2 data 7

migrating from IPSMC 3, 7

overview 3

prerequisites to import IPSMC data 7

time required to import IPSMC data 8

using IpsMcDbUpgrade.pl 8

See also IPS MC

IPS MC

backing up server data 3

exporting data 3

migrating to IPSManager 3, 7

securing the backed-up data 3

See also IPS Manager

IpsMcDbUpgrade.pl 8

J

Java

confirming the installed version 8

embedded version on client systems 8

enabling 2

obtaining 8

version to use with IPSManager 8

JavaScript, enabling 2

L

language versions supported (Windows)

client 8

server 5

LAN Management Solution (LMS), unsupported use 2

licenses

file locations for

PerformanceMonitor 6

RME 5

installing 8

Product Authorization Key (PAK) 7

SecurityManager kit part numbers 7

settings 7

Software License Claim Certificate 7

understanding 7

upgrading 7

uploading new 7

working with 7

license server TCP port 3

M

Management Center for Cisco Security Agents (CSAMC), documentation vii

Management Center for IPS Sensors (IPSMC). See IPS Manager

McAfee Antivirus

incompatibility 6

reenabling 8

requirement to disable 6

memory (RAM)

client requirements 7

server requirements 5

Monitoring Center for Performance. See Performance Monitor

Mozilla

confirming the installed Java version 8

security settings 9

versions supported 6, 8

N

NETBIOS, recommendation to disable 4

Networking Professionals Connection xiv

network protocols, recommendation to disable 4

network shares, recommendation to avoid 4

Network Time Protocol (NTP) server, recommendation to use 1, 5

Norton Internet Security 2005

incompatibility 6, 8

requirement to disable 6

requirement to uninstall 8

NTFS file system, requirement to use 5

O

ODBC driver manager

confirming the installed version 5

requirements 5

working with Sybase files 5

OGS TCP port 3

online help, tips for viewing 1

operating systems

on client systems

Windows2000 8

Windows2003 8

WindowsXP Professional 8

on servers

Windows2000 5

Windows 2003 Server 5

Osagent UDP port 3

overview 1

P

passwords

admin account 6

requirement to use identical passwords 6

security basics 4

strong passwords

characteristics 3

definition 3

how to require 3

recommendations 3

System Identity Account 6

peer support, Networking Professionals Connection xiv

Performance Monitor

availability viii

documentation viii

entitlement to install 6

license file location 6

licensing 8

overview 6

permanent license, upgrading from evaluation license 7

point patches

applying to a client 9

applying to a server 10

caution against accepting from a third-party 9

default location on client systems 10

deleting Temp files on client systems 6

obtaining 9

recommendation to delete Temp files on client systems 9

version mismatch 9

popup blockers

configuring 1, 2

conflicting with other installed software 3

disabling 1, 2

requirements 2

troubleshooting 1, 2

ports

required for TCP 2

required for UDP 2

product registration. See licenses

PSIRT

email addresses

emergencies x

nonemergencies x

telephone numbers x

publications, obtaining additional xiii

R

related documentation, obtaining vi

Remote Copy Protocol TCP port 3

removable media drives, security implications if compromised 6

requirements

client system 7

servers

installation, general 1

system 4

Resource Manager Essentials (RME)

documentation vii

entitlement to install 5

installing 5

license file location 5

licensing 8

overview 5

S

Secure Shell (SSH) TCP port 2

security

advisories x

emergencies, definition x

incidents, obtaining assistance x

news from Cisco

registering to receive x

RSS feed URL x

nonemergencies, definition x

notices x

PSIRT x

vulnerabilities, reporting x

SecurityManager database TCP port 3

SecurityMonitor 3

server

configuration

boot settings 4

date and time settings 5

file locations

database files 9

log files 9

miscellaneous files 9

installations

best practices 1

dependencies 1

procedures 1

performance

best practices for enhancing 1

operating environment 4

preparation checklists 1

processes, verifying status 7

traffic

required inbound ports 2

required outbound ports 2

service agreement contracts 7

service packs

applying to a client 9

applying to a server 10

caution against accepting from a third-party 9

default location on client systems 10

deleting Temp files on client systems 6

obtaining 9

recommendation to delete Temp files on client systems 9

version mismatch 9

service requests

severity level definitions xiii

submitting xii

services

minimum required for Windows 4

required for TCP 2

required for UDP 2

SNMP polling UDP port 3

SNMP trap UDP port 3

software updates. See point patches

SSL certificate invalidation 5

SSL mode (for HTTP server) TCP port 3

support

Networking Professionals Connection xiv

obtaining from Cisco xi

service agreement contracts 7

Software Application Support contracts 7

Sybase, requirement to disable 6, 5

Sybase database files, requirement to use correct ODBC version 5

Syslog UDP port 3

T

TACACS+ TCP port 2

TCP

list of required ports 2

list of required services 2

technical support (TAC)

obtaining xi

URL for service requests xii

Telnet TCP port 2

Terminal Services

requirements 6

unsupported configuration 6

Tomcat

Ajp13 connector TCP port 3

global library files, where stored 9

shutdown TCP port 3

training, obtaining xiv

Trivial File Transfer Protocol (TFTP) UDP port 2

troubleshooting

antivirus scanners 3

Cisco Security Agent

blocking a valid operation 12

blocking network access 11

diagnostic utility 12

icon appearance changed in system tray 12

obtaining a revised agent from TAC 12

recognizing when the agent is disabled 12

security level is High 11

setting the security level to Medium 11

untrusted rootkit detected 11

using the log file 11

collecting server troubleshooting information 13

DCRServer process does not start 5

error messages

client installation 7

server installation 2

server uninstallation 6

file contents cannot be unpacked 5

file corruption

executable file 5

host-based intrusion software 3

incorrect GUI 7, 4

installation

does not run 9

hangs 3, 8

reviewing log files 16

interoperation with CS-MARS 5

invalid SSL certificate 5

java.security.cert errors 5

mapped drives 5

missing

GUI 4

product features 4

popup blockers 3, 1, 2

security software conflicts 3

server processes

changing 14

restarting 15

viewing 14

server self-test 13

uninstallation

does not run 9

hangs 6

using MDCSupport.exe 13

troubleshooting guide, obtaining iv

typographical conventions in this document ii

U

UDP

list of required ports 2

list of required services 2

uninstallation

cautions against

uninstalling from infected servers 12

client software 11

InstallShield database corruption 11

recommendation to restart client systems 12

recommendation to restart servers 13

servers

deleting CMFLOCK.TXT 13

failure to delete CSCOpx/bin folder 12

server software 12

updates. See point patches

upgrading from

an earlier release 3

VMS 3

user accounts

admin 2

casuser 2

System Identity 2

understanding 1

user permissions, understanding 3

using SecurityManager 4

V

verifying an installation 6

VMS, free upgrade from 4

W

web context files, where stored 9

Windows services, required 4