Table Of Contents
Supported Devices and Software Versions for Cisco Security Manager 3.0
Scalability
Supported Software
Supported Devices
Supported Devices and Software Versions for Cisco Security Manager 3.0
Revised: March 28, 2006
These sections list the operating system versions and devices that you can manage with Cisco Security Manager:
•
Scalability
•Supported Software
•Supported Devices
Scalability
Cisco Security Manager scales as described in the following table.
Table 1 Cisco Security Manager Scalability
Number of devices (Firewall and VPN)
|
Supports up to 5000 devices.
Note Each security context is considered to be a separate device.
|
Total number of Access Control Entries (ACEs)
|
•1.6 million.
|
Total number of ACEs for each firewall rule table
|
50,000.
|
Number of policy objects
|
5000.
|
Number of simultaneous users
|
•20 users with read-only privileges.
•10 users with read-write privileges.
|
VPN restrictions
|
•We recommend that you limit deployments to 1000 devices at one time.
•A Full Mesh topology should have at most 400 devices assigned.
|
Supported Software
The software that you can use on devices managed with Security Manager are first of all limited by what can run on the device.
In addition, Security Manager has these restrictions on the software you can use:
•Cisco routers and switches have these software restrictions:
–Cisco IOS Software Release 12.3, 12.3T, 12.4, and 12.4T.
–For the Catalyst 6500/7600, you can also use Cisco IOS Software Release 12.0, 12.1, 12.2, and these versions at the specified point release and higher: 12.1(13)E, 12.1(17B)SXA, 12.2(14)SX, 12.2(14)SY, 12.2(17d)SXB, 12.2(18)SXE, and 12.2(18)SXD.
Note You cannot use the Catalyst Operating System on a device managed by Security Manager.
–To configure and manage VPNs on Catalyst 6500/7600 devices, the minimum software release is Cisco IOS Software Release 12.2(17b)SXA.
–To manage a router in IPS Manager, the router must run an IPS-enabled version of Cisco IOS Software. The minimum Cisco IOS Software release is 12.3(8)T. The IPS version of the software must be one of these: 2.0(1), 2.1(1), or 2.2(1).
•Cisco PIX 500 Series Firewalls—PIX Firewall Software Release 6.3 and 7.0.
•Cisco ASA-5500 Series Adaptive Security Appliances—Adaptive Security Appliance Software Release 7.0.
•Cisco Catalyst 6500 Series Firewall Services Module—Firewall Services Module Software Release 2.2 or 2.3.
•IPS sensors and modules—IDS Software 4.0, 4.1, or IPS Software 5.0, 5.1.
Supported Devices
This table lists the devices you can manage in Cisco Security Manager.
Table 2 Cisco Security Manager Supported Devices
Series
|
Devices Supported
|
Routers, Switches
|
Cisco SOHO 77 Series Router
|
•71
•76
•77 ADSL
•77 H ADSL
•78
|
Cisco SOHO 90 Series Secure Broadband Routers
|
•91
•96
•97
|
Cisco 800 Series Routers
|
•801
•803
•805
•811
•813
•828
•831
•836
•837
•851
•857
•871
•876
•877
•878
|
Cisco 1600 Series Routers
|
•1601
•1602
•1603
•1604
•1605
|
Cisco 1700 Series Modular Access Routers
|
•1701
•1710
•1711
•1712
•1720
•1721
•1750
•1751
•1760
|
Cisco 1800 Series Routers
|
•1801
•1802
•1803
•1811
•1812
•1841
|
Cisco 2600 Series Multiservice Platforms
|
•2610
•2611
•2612
•2613
•2620
•2621
•2650
•2651
•2691
|
Cisco 2800 Series Integrated Services Routers
|
•2801
•2811
•2821
•2851
|
Cisco 3600 Series Multiservice Platforms
|
•3620
•3631
•3640
•3660
•3661
•3662
|
Cisco 3700 Series Multiservice Access Routers
|
•3725
•3745
|
Cisco 3800 Series Integrated Services Routers
|
•3825
•3845
|
Cisco 7100 Series VPN Routers
|
•7120
•7140
•7160
|
Cisco 7200 Series Routers
|
•7202
•7204
•7204VXR
•7206
•7206VXR
|
Cisco 7300 Series Routers
|
•7301
•7304
|
Cisco 7500 Series Routers
|
•7505
•7506
•7507
•7513
•7576
|
Cisco 7600 Series Routers
|
•7603
•7604
•7606
•7609
•7613
|
Cisco Catalyst 6500 Series Switches
|
•6503
•6506
•6509
•6509-NEB
•6509-NEB-A
•6513
|
IPSec VPN Services Module (VPNSM) for Cisco Catalyst 6500 Switches and Cisco 7600 Series Routers
|
—
|
Adaptive Security Appliances and Firewalls
|
Cisco PIX 500 Series Firewalls
|
•501
•506
•506E
•515
•515E
•520
•525
•535
|
Cisco ASA-5500 Series Adaptive Security Appliance
|
•5510
•5520
•5540
|
Cisco Catalyst 6500 Series Firewall Services Module
|
—
|
IPS Sensors
|
Cisco IPS 4200 Series Sensors
|
•4210
•4215
•4220
•4230
•4235
•4240
•4250
•4250XL
•4255
•4260
|
Cisco AIP-SSM-10 Security Service Module
|
—
|
Cisco AIP-SSM-20 Security Service Module
|
—
|
Cisco IDS Access Router Network Module
|
—
|
Cisco Catalyst 6500 Series Intrusion Detection System (IDSM-2) Services Module
|
—
|
