Post Installation Server Tasks
The following topics are tasks to complete after you install Security Manager or its related applications on a server.
• Server Tasks To Complete Immediately
• Verifying That Required Processes Are Running
• Best Practices for Ongoing Server Security
• Verifying an Installation or an Upgrade
Server Tasks To Complete Immediately
Make sure that you complete the following tasks immediately after installation.
Task
1. Reenable or reinstall antivirus scanners and similar products. If you uninstalled or temporarily disabled any server security software, such as an antivirus tool or Cisco Security Agent, reinstall or restart that software now, then restart your server if required.
Note: If you see that your antivirus software is reducing the efficiency or responsiveness of a Security Manager server, see your antivirus software documentation for recommended settings.
2. Reenable the services and server processes that you disabled for installation. Do not reenable IIS.
3. Reenable any mission-critical instances of Sybase that you disabled for installation.
4. On the server, add a self-signed certificate to the list of root trusted certificates. To learn how, see your browser documentation.
5. Check for updates on Cisco.com for Security Manager and its related applications. If you learn that updates are available, install the ones that are relevant to your organization and network.
6. Do the following if your server has two or more network interface cards configured:
a. Select Start > Settings > Control Panel > Administrative Tools > Services, then stop Cisco Security Manager Daemon Manager.
b. Find NMSROOT\lib\vbroker\gatekeeper.cfg, where NMSROOT is the path to the Security Manager installation directory (the default is C:\Program Files\CSCOpx), then open the file in a text editor.
c. Edit these lines:
#vbroker.gatekeeper.backcompat.callback.host=external-IP-address
#vbroker.se.exterior.host=external-IP-address
#vbroker.se.iiop_tp.host=external-IP-address
#vbroker.se.interior.host=external-IP-address
so that you delete the # character in every instance and replace the IP address in every instance with the DNS-configured, external, static IP address of the NIC that you configured in the Readiness Checklist for Installation, page 1-5.
d. Save your edited version of gatekeeper.cfg, then quit the text editor.
e. Select Start > Settings > Control Panel > Administrative Tools > Services, then restart Cisco Security Manager Daemon Manager.
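The edit in step 6c can be scripted and then checked, as in the following added example (not Cisco's code, and not part of the original guide). The function names are hypothetical, the sample text is constructed from the four lines shown in step 6c, and 192.0.2.10 is a documentation address standing in for your NIC's static IP address; stopping and restarting Daemon Manager (steps 6a and 6e) still applies.

```python
import ipaddress
import re

# Property names copied from step 6c; function names are hypothetical.
HOST_KEYS = (
    "vbroker.gatekeeper.backcompat.callback.host",
    "vbroker.se.exterior.host",
    "vbroker.se.iiop_tp.host",
    "vbroker.se.interior.host",
)
_PROP = re.compile(r"^\s*(#?)\s*([\w.]+)\s*=\s*(.*?)\s*$")


def set_external_host(cfg_text, external_ip):
    """Uncomment the four host properties and set them to external_ip."""
    ip = ipaddress.ip_address(external_ip)  # ValueError on a mistyped address
    out = []
    for line in cfg_text.splitlines():
        m = _PROP.match(line)
        if m and m.group(2) in HOST_KEYS:
            out.append(f"{m.group(2)}={ip}")
        else:
            out.append(line)  # every other line is left untouched
    return "\n".join(out) + "\n"


def audit(cfg_text):
    """List the problems that leave the multi-NIC edit incomplete."""
    active, invalid = {}, {}
    for line in cfg_text.splitlines():
        m = _PROP.match(line)
        if not m or m.group(1) or m.group(2) not in HOST_KEYS:
            continue  # unrelated line, or still commented out
        key, value = m.group(2), m.group(3)
        try:
            ipaddress.ip_address(value)
            active[key] = value
        except ValueError:
            invalid[key] = value  # e.g. the placeholder was left in place
    problems = [f"{k}: '{v}' is not an IP address" for k, v in invalid.items()]
    problems += [f"{k}: missing or still commented out"
                 for k in HOST_KEYS if k not in active and k not in invalid]
    if len(set(active.values())) > 1:
        problems.append("host properties do not all use the same address")
    return problems


# Constructed sample: the four lines as shipped, before step 6c is applied.
SAMPLE = "".join(f"#{k}=external-IP-address\n" for k in HOST_KEYS)
```

Running audit() on the saved file before restarting Daemon Manager catches a line that was uncommented but still carries the placeholder, or properties that point at different addresses.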
Verifying That Required Processes Are Running
You can run the pdshow command from a Windows command prompt window to verify that all required processes are running correctly for the Cisco server applications that you choose to install. Process requirements differ among the applications.
Tip: To learn more about pdshow, see the Common Services online help.
Use Table 1-1 to understand which applications require which processes.
Table 1-1 Application Process Requirements
This application: | Requires these Daemon Manager processes:
Common Services 3.0.4 |
Cisco Security Manager 3.0.1/IPS Manager 3.0 |
Auto Update Server 3.0 |
Resource Manager Essentials 4.0.4 |
Tip: To verify that the Windows service called "Cisco Security Agent" is running on your server, select Start > Settings > Control Panel > Administrative Tools > Services.
Best Practices for Ongoing Server Security
The least secure component of a system defines how secure the system is. The steps in the following checklist can help you to secure a server and its OS after you install Security Manager:
Task
1. Monitor server security regularly. Log and review system activity. Use security tools such as the Microsoft Security Configuration Tool Set (MSCTS) and Fport to periodically review the security configuration of your server. Review the log file for the standalone version of Cisco Security Agent that is sometimes installed on a Security Manager server.
Tip: You can obtain MSCTS from the Microsoft website and Fport from the Foundstone/McAfee website.
2. Limit physical access to your server. If your server contains removable media drives, set the server to boot from the hard drive first. Your data can be compromised if someone boots your server from a removable media drive. You can typically set the boot order in the system BIOS. Make sure you protect the BIOS with a strong password.
3. Do not install remote access or administration tools on the server. These tools provide a point of entry to your server and are a security risk.
4. Set a virus scanning application to run automatically and continuously on the server. Virus scanning software can prevent trojan horse applications from infecting your server. Update the virus signatures regularly.
5. Back up your server database frequently. Store all backups in a secure location with restricted access.
Verifying an Installation or an Upgrade
You can use Common Services to verify that you installed or upgraded Security Manager successfully.
Step 1  Use a browser on the client system to log in to the Security Manager server at: http://<server_name>:1741. (To learn which browsers and browser versions are supported, see Client Requirements, page 1-7.)
Step 2  From the Cisco Security Management Suite page, click the CiscoWorks link in the upper right corner.
Step 3  From the Common Services home page, select Server > Admin.
The administrative GUI appears.
Step 4  To display the Process Management page, click Processes.
The resulting list names all the server processes and describes the operational status of each process. The following processes must be running normally:
• vmsDbEngine
• vmsDbMonitor
• EDS
Note
• To learn whether an installed application might require other processes, such as RmeOrb and RmeGatekeeper for RME, read the documentation for that application on Cisco.com. For product documentation URLs, see:
  – Common Services Documentation, page vi.
  – IPS Manager Documentation, page vi.
  – Auto Update Server Documentation, page v.
  – Resource Manager Essentials Documentation, page vii.
  – Management Center for Cisco Security Agents Documentation, page vii.
  – Performance Monitor Documentation, page viii.
• If you are trying to verify the installation because the Security Manager GUI does not appear or is not displayed correctly, see "The Security Manager GUI does not appear, or is not displayed correctly, or certain GUI elements are missing. What happened?" in Appendix A, "Troubleshooting."