Installation Guide for Cisco Security Manager 3.0.1 - Index [Cisco Security Manager]

Table Of Contents

A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - R - S - T - U - V - W -

Index

A

antivirus utilities, requirement to disable 5, 6

Auto Update Server (AUS)

licensing 8

overview 4

B

bootstrapping devices 4

browsers

requirements

cache 2

client 8

server 6

See also Internet Explorer

See also Mozilla

C

C/C++ library files, where stored 9

Catalyst 6500/7600 Device Manager (DM6500/7600), overview 3

CD-ONE

unsupported use 4

certificates. See digital certificates

checklists

client, browser best practices 2

server

enhancing performance 2

installation readiness 5

post-installation tasks 2

security best practices 6

Cisco Security Agent

documentation 1

installation, conditions for 6

overview 6

policies

exported, on DVD 6, 3

imported, requirement to reconcile 3

standalone agent 6, 1

security levels

changing 3

default 3

understanding 3

troubleshooting 11, 1

uninstalling, recommendation against 3, 12

Cisco Security Manager

basic concepts 4

getting started 4

late-breaking information about ii

learning more about 4

logging in 3

overview 3

using 4

Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS)

date and time synchronization 5

interoperation with 5

CiscoView Device Manager

features in SecurityManager 3

unsupported use 4

See also Catalyst 6500/7600 Device Manager (DM 6500/7600)

CiscoWorks

CommonServices, overview 2

Monitoring Center for Performance. See Performance Monitor

Monitoring Center for Security. See Security Monitor

TCP ports

Daemon Manager 3

HTTP 3

VPN/Security Management Solution (VMS)

free upgrade from 4

client software

installing 5

InstallShield database corruption 5

logging in to a server 3

using 3

client systems

deleting Temp files 6

file locations on 9, 8

recommendation to delete Temp files 9

video (graphics) card drivers

confirming installed versions 7

upgrading 7

CMFLOCK.TXT file, deleting 13

Common Services

documentation 1

installing 1

licensing 8

required version 2

requirement to use 1

CSTM TCP port 4

D

database TCP port 3

date and time settings

caution against changing 5

recommendation to synchronize 1, 5

use of NTP servers 1

device bootstrapping 4

device credentials repository (DCR)

server process 5

TCP port 3

troubleshooting 5

digital certificates

requirement to create 2

troubleshooting 5

directory encryption, restriction against 6

domain controllers (primary or backup), unsupported use 6

E

encrypted directories, restriction against 6

evaluation license

device count limitations 6

duration 6

upgrading to permanent license 7

Event Services software TCP port requirements

HTTP 4

listening 4

routing 4

services 4

F

files, where stored

Cisco Security Agent

logs 2

policies 6, 3

on client systems 9

on servers 9

file system recommendations 5

G

gatekeeper HIPO TCP port 3

getting started with Cisco SecurityManager 4

H

HTTP TCP port 3

I

installation

client software 5

InstallShield database corruption 5

servers

dependencies 1

general requirements 1

GUI reference 1

post-installation tasks 2

preparatory tasks 1

starting an installation 5

troubleshooting 5

verifying 6

Internet Explorer

cache size requirement 6, 9

confirming the installed Java version 8

security settings 9

versions supported 6, 8

Internet Information Server (IIS)

conflict with SecurityManager 4, 6

requirement to uninstall 4, 6

Internet Inter-ORB Protocol (IIOP) TCP port 3

IP addresses

disabling dynamic addresses 5

static address requirement 6

using a static address 5

IPS database engine TCP port 3

IPS Manager

importing IPSMC2.2 data 7

migrating from IPSMC 3, 7

overview 3

prerequisites to import IPSMC data 7

time required to import IPSMC data 8

using IpsMcDbUpgrade.pl 8

IPS MC

backing up server data 3

exporting data 3

migrating to IPSManager 3, 7

securing the backed-up data 3

IpsMcDbUpgrade.pl 8

J

Java

confirming the installed version 8

embedded version on client systems 8

enabling 2

obtaining 8

version to use with IPSManager 8

JavaScript, enabling 2

L

language versions supported (Windows)

client 8

server 5

LAN Management Solution (LMS), unsupported use 2

licenses

file locations for

PerformanceMonitor 6

RME 5

installing 8

Product Authorization Key (PAK) 7

SecurityManager kit part numbers 7

settings 7

Software License Claim Certificate 7

understanding 7

upgrading 7

uploading new 7

working with 7

license server TCP port 3

M

McAfee Antivirus

incompatibility 6

reenabling 8

requirement to disable 6

memory (RAM)

client requirements 7

server requirements 5

Mozilla

confirming the installed Java version 8

security settings 9

versions supported 6, 8

N

NETBIOS, recommendation to disable 4

network protocols, recommendation to disable 4

network shares, recommendation to avoid 4

Network Time Protocol (NTP) server, recommendation to use 1, 5

Norton Internet Security 2005

incompatibility 6, 8

requirement to disable 6

requirement to uninstall 8

NTFS file system, requirement to use 5

O

ODBC driver manager

confirming the installed version 5

requirements 5

working with Sybase files 5

OGS TCP port 3

online help, tips for viewing 1

operating systems

on client systems

Windows2000 8

Windows2003 8

WindowsXP Professional 8

on servers

Windows2000 5

Windows 2003 Server 5

Osagent UDP port 3

overview 1

P

passwords

admin account 6

requirement to use identical passwords 6

security basics 4

strong passwords

characteristics 3

definition 3

how to require 3

recommendations 3

System Identity Account 6

Performance Monitor

entitlement to install 6

license file location 6

licensing 8

overview 6

permanent license, upgrading from evaluation license 7

point patches

applying to a client 9

applying to a server 10

caution against accepting from a third-party 9

default location on client systems 10

deleting Temp files on client systems 6

obtaining 9

recommendation to delete Temp files on client systems 9

version mismatch 9

popup blockers

configuring 1, 2

conflicting with other installed software 3

disabling 1, 2

requirements 2

troubleshooting 1, 2

ports

required for TCP 2

required for UDP 2

product registration. See licenses

R

Remote Copy Protocol TCP port 3

removable media drives, security implications if compromised 6

requirements

client system 7

servers

installation, general 1

system 4

Resource Manager Essentials (RME)

entitlement to install 5

installing 5

license file location 5

licensing 8

overview 5

S

Secure Shell (SSH) TCP port 2

SecurityManager database TCP port 3

SecurityMonitor 3

server

configuration

boot settings 4

date and time settings 5

file locations

database files 9

log files 9

miscellaneous files 9

installations

best practices 1

dependencies 1

procedures 1

performance

best practices for enhancing 1

operating environment 4

preparation checklists 1

processes, verifying status 7

traffic

required inbound ports 2

required outbound ports 2

service agreement contracts 7

service packs

applying to a client 9

applying to a server 10

caution against accepting from a third-party 9

default location on client systems 10

deleting Temp files on client systems 6

obtaining 9

recommendation to delete Temp files on client systems 9

version mismatch 9

services

minimum required for Windows 4

required for TCP 2

required for UDP 2

SNMP polling UDP port 3

SNMP trap UDP port 3

software updates. See point patches

SSL certificate invalidation 5

SSL mode (for HTTP server) TCP port 3

support

service agreement contracts 7

Software Application Support contracts 7

Sybase, requirement to disable 6, 5

Sybase database files, requirement to use correct ODBC version 5

Syslog UDP port 3

T

TACACS+ TCP port 2

TCP

list of required ports 2

list of required services 2

Telnet TCP port 2

Terminal Services

requirements 6

unsupported configuration 6

Tomcat

Ajp13 connector TCP port 3

global library files, where stored 9

shutdown TCP port 3

Trivial File Transfer Protocol (TFTP) UDP port 2

troubleshooting

antivirus scanners 3

Cisco Security Agent

blocking a valid operation 12

blocking network access 11

diagnostic utility 12

icon appearance changed in system tray 12

obtaining a revised agent from TAC 12

recognizing when the agent is disabled 12

security level is High 11

setting the security level to Medium 11

untrusted rootkit detected 11

using the log file 11

collecting server troubleshooting information 13

DCRServer process does not start 5

error messages

client installation 7

server installation 2

server uninstallation 6

file contents cannot be unpacked 5

file corruption

executable file 5

host-based intrusion software 3

incorrect GUI 7, 4

installation

does not run 9

hangs 3, 8

reviewing log files 16

interoperation with CS-MARS 5

invalid SSL certificate 5

java.security.cert errors 5

mapped drives 5

missing

GUI 4

product features 4

popup blockers 3, 1, 2

security software conflicts 3

server processes

changing 14

restarting 15

viewing 14

server self-test 13

uninstallation

does not run 9

hangs 6

using MDCSupport.exe 13

U

UDP

list of required ports 2

list of required services 2

uninstallation

cautions against

uninstalling from infected servers 12

client software 11

InstallShield database corruption 11

recommendation to restart client systems 12

recommendation to restart servers 13

servers

deleting CMFLOCK.TXT 13

failure to delete CSCOpx/bin folder 12

server software 12

updates. See point patches

upgrading from

an earlier release 3

VMS 3

user accounts

admin 2

casuser 2

System Identity 2

understanding 1

user permissions, understanding 3

using SecurityManager 4

V

verifying an installation 6

VMS, free upgrade from 4

W

web context files, where stored 9

Windows services, required 4

	Installation Guide for Cisco Security Manager 3.0.1
	Index
Installation Guide for Cisco Security Manager 3.0.1 Preface Overview Requirements and Dependencies Preparing a Server for Installation Installing, Upgrading, Downgrading, Uninstalling, and Reinstalling Server Applications Installing, Patching, and Uninstalling Security Manager Client Post-installation Server Tasks Preparing to Use Security Manager Security Manager Server Installation GUI Reference Troubleshooting Cisco Security Agent: Standalone Agent Overview Helpful Reference Information Index	Download this chapter Index Download the complete book Installation Guide for Cisco Security Manager 3.0.1 (PDF - 2 MB) Table Of Contents A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - R - S - T - U - V - W - Index A antivirus utilities, requirement to disable 5, 6 Auto Update Server (AUS) licensing 8 overview 4 B bootstrapping devices 4 browsers requirements cache 2 client 8 server 6 See also Internet Explorer See also Mozilla C C/C++ library files, where stored 9 Catalyst 6500/7600 Device Manager (DM6500/7600), overview 3 CD-ONE unsupported use 4 certificates. See digital certificates checklists client, browser best practices 2 server enhancing performance 2 installation readiness 5 post-installation tasks 2 security best practices 6 Cisco Security Agent documentation 1 installation, conditions for 6 overview 6 policies exported, on DVD 6, 3 imported, requirement to reconcile 3 standalone agent 6, 1 security levels changing 3 default 3 understanding 3 troubleshooting 11, 1 uninstalling, recommendation against 3, 12 Cisco Security Manager basic concepts 4 getting started 4 late-breaking information about ii learning more about 4 logging in 3 overview 3 using 4 Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS) date and time synchronization 5 interoperation with 5 CiscoView Device Manager features in SecurityManager 3 unsupported use 4 See also Catalyst 6500/7600 Device Manager (DM 6500/7600) CiscoWorks CommonServices, overview 2 Monitoring Center for Performance. See Performance Monitor Monitoring Center for Security. See Security Monitor TCP ports Daemon Manager 3 HTTP 3 VPN/Security Management Solution (VMS) free upgrade from 4 client software installing 5 InstallShield database corruption 5 logging in to a server 3 using 3 client systems deleting Temp files 6 file locations on 9, 8 recommendation to delete Temp files 9 video (graphics) card drivers confirming installed versions 7 upgrading 7 CMFLOCK.TXT file, deleting 13 Common Services documentation 1 installing 1 licensing 8 required version 2 requirement to use 1 CSTM TCP port 4 D database TCP port 3 date and time settings caution against changing 5 recommendation to synchronize 1, 5 use of NTP servers 1 device bootstrapping 4 device credentials repository (DCR) server process 5 TCP port 3 troubleshooting 5 digital certificates requirement to create 2 troubleshooting 5 directory encryption, restriction against 6 domain controllers (primary or backup), unsupported use 6 E encrypted directories, restriction against 6 evaluation license device count limitations 6 duration 6 upgrading to permanent license 7 Event Services software TCP port requirements HTTP 4 listening 4 routing 4 services 4 F files, where stored Cisco Security Agent logs 2 policies 6, 3 on client systems 9 on servers 9 file system recommendations 5 G gatekeeper HIPO TCP port 3 getting started with Cisco SecurityManager 4 H HTTP TCP port 3 I installation client software 5 InstallShield database corruption 5 servers dependencies 1 general requirements 1 GUI reference 1 post-installation tasks 2 preparatory tasks 1 starting an installation 5 troubleshooting 5 verifying 6 Internet Explorer cache size requirement 6, 9 confirming the installed Java version 8 security settings 9 versions supported 6, 8 Internet Information Server (IIS) conflict with SecurityManager 4, 6 requirement to uninstall 4, 6 Internet Inter-ORB Protocol (IIOP) TCP port 3 IP addresses disabling dynamic addresses 5 static address requirement 6 using a static address 5 IPS database engine TCP port 3 IPS Manager importing IPSMC2.2 data 7 migrating from IPSMC 3, 7 overview 3 prerequisites to import IPSMC data 7 time required to import IPSMC data 8 using IpsMcDbUpgrade.pl 8 IPS MC backing up server data 3 exporting data 3 migrating to IPSManager 3, 7 securing the backed-up data 3 IpsMcDbUpgrade.pl 8 J Java confirming the installed version 8 embedded version on client systems 8 enabling 2 obtaining 8 version to use with IPSManager 8 JavaScript, enabling 2 L language versions supported (Windows) client 8 server 5 LAN Management Solution (LMS), unsupported use 2 licenses file locations for PerformanceMonitor 6 RME 5 installing 8 Product Authorization Key (PAK) 7 SecurityManager kit part numbers 7 settings 7 Software License Claim Certificate 7 understanding 7 upgrading 7 uploading new 7 working with 7 license server TCP port 3 M McAfee Antivirus incompatibility 6 reenabling 8 requirement to disable 6 memory (RAM) client requirements 7 server requirements 5 Mozilla confirming the installed Java version 8 security settings 9 versions supported 6, 8 N NETBIOS, recommendation to disable 4 network protocols, recommendation to disable 4 network shares, recommendation to avoid 4 Network Time Protocol (NTP) server, recommendation to use 1, 5 Norton Internet Security 2005 incompatibility 6, 8 requirement to disable 6 requirement to uninstall 8 NTFS file system, requirement to use 5 O ODBC driver manager confirming the installed version 5 requirements 5 working with Sybase files 5 OGS TCP port 3 online help, tips for viewing 1 operating systems on client systems Windows2000 8 Windows2003 8 WindowsXP Professional 8 on servers Windows2000 5 Windows 2003 Server 5 Osagent UDP port 3 overview 1 P passwords admin account 6 requirement to use identical passwords 6 security basics 4 strong passwords characteristics 3 definition 3 how to require 3 recommendations 3 System Identity Account 6 Performance Monitor entitlement to install 6 license file location 6 licensing 8 overview 6 permanent license, upgrading from evaluation license 7 point patches applying to a client 9 applying to a server 10 caution against accepting from a third-party 9 default location on client systems 10 deleting Temp files on client systems 6 obtaining 9 recommendation to delete Temp files on client systems 9 version mismatch 9 popup blockers configuring 1, 2 conflicting with other installed software 3 disabling 1, 2 requirements 2 troubleshooting 1, 2 ports required for TCP 2 required for UDP 2 product registration. See licenses R Remote Copy Protocol TCP port 3 removable media drives, security implications if compromised 6 requirements client system 7 servers installation, general 1 system 4 Resource Manager Essentials (RME) entitlement to install 5 installing 5 license file location 5 licensing 8 overview 5 S Secure Shell (SSH) TCP port 2 SecurityManager database TCP port 3 SecurityMonitor 3 server configuration boot settings 4 date and time settings 5 file locations database files 9 log files 9 miscellaneous files 9 installations best practices 1 dependencies 1 procedures 1 performance best practices for enhancing 1 operating environment 4 preparation checklists 1 processes, verifying status 7 traffic required inbound ports 2 required outbound ports 2 service agreement contracts 7 service packs applying to a client 9 applying to a server 10 caution against accepting from a third-party 9 default location on client systems 10 deleting Temp files on client systems 6 obtaining 9 recommendation to delete Temp files on client systems 9 version mismatch 9 services minimum required for Windows 4 required for TCP 2 required for UDP 2 SNMP polling UDP port 3 SNMP trap UDP port 3 software updates. See point patches SSL certificate invalidation 5 SSL mode (for HTTP server) TCP port 3 support service agreement contracts 7 Software Application Support contracts 7 Sybase, requirement to disable 6, 5 Sybase database files, requirement to use correct ODBC version 5 Syslog UDP port 3 T TACACS+ TCP port 2 TCP list of required ports 2 list of required services 2 Telnet TCP port 2 Terminal Services requirements 6 unsupported configuration 6 Tomcat Ajp13 connector TCP port 3 global library files, where stored 9 shutdown TCP port 3 Trivial File Transfer Protocol (TFTP) UDP port 2 troubleshooting antivirus scanners 3 Cisco Security Agent blocking a valid operation 12 blocking network access 11 diagnostic utility 12 icon appearance changed in system tray 12 obtaining a revised agent from TAC 12 recognizing when the agent is disabled 12 security level is High 11 setting the security level to Medium 11 untrusted rootkit detected 11 using the log file 11 collecting server troubleshooting information 13 DCRServer process does not start 5 error messages client installation 7 server installation 2 server uninstallation 6 file contents cannot be unpacked 5 file corruption executable file 5 host-based intrusion software 3 incorrect GUI 7, 4 installation does not run 9 hangs 3, 8 reviewing log files 16 interoperation with CS-MARS 5 invalid SSL certificate 5 java.security.cert errors 5 mapped drives 5 missing GUI 4 product features 4 popup blockers 3, 1, 2 security software conflicts 3 server processes changing 14 restarting 15 viewing 14 server self-test 13 uninstallation does not run 9 hangs 6 using MDCSupport.exe 13 U UDP list of required ports 2 list of required services 2 uninstallation cautions against uninstalling from infected servers 12 client software 11 InstallShield database corruption 11 recommendation to restart client systems 12 recommendation to restart servers 13 servers deleting CMFLOCK.TXT 13 failure to delete CSCOpx/bin folder 12 server software 12 updates. See point patches upgrading from an earlier release 3 VMS 3 user accounts admin 2 casuser 2 System Identity 2 understanding 1 user permissions, understanding 3 using SecurityManager 4 V verifying an installation 6 VMS, free upgrade from 4 W web context files, where stored 9 Windows services, required 4
	© 1992-2009 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.