Table Of Contents
VPN/Security Management Solution Overview
What's New in VMS 2.3?
VMS Components
System Requirements
Supported Devices
Licensing Requirements
VPN/Security Management Solution Overview
This chapter includes the following overview information:
•
What's New in VMS 2.3?
•VMS Components
•System Requirements
•Supported Devices
•Licensing Requirements
CiscoWorks VPN/Security Management Solution (VMS) is an integral part of the SAFE Blueprint from Cisco and is its flagship integrated security management solution. VMS combines web-based tools for configuring, monitoring, and troubleshooting including:
•Enterprise Virtual Private Networks (VPNs)
•Firewalls
•Network Intrusion Prevention Systems (IPSs)
•Host-based Intrusion Prevention Systems (IPSs)
•Router-based IPSs
VMS addresses the needs of both small- and large-scale VPN and security deployments by helping to protect productivity gains and reduce operating costs. Unlike point security products from multiple vendors that can leave vulnerable gaps, VMS provides a comprehensive solution that ties separate security and VPN technologies into a single secure network.
What's New in VMS 2.3?
The management functions for firewalls, Network IPS, Cisco Security Agents, VPNs, security monitoring, and performance monitoring have been updated with new features or usability improvements. Management Center for IDS Sensors is called Management Center for IPS Sensors for its increased IPS focus. The installation of VMS is faster and more streamlined. Management support for router-based IPS signatures has been added to extend security to the network infrastructure.
VMS Components
Table 1-1 describes VMS 2.3 components and the capabilities of each. VMS is packaged in one sub-box with Obtaining Documentation directing you to VMS documentation and the following two CDs:
•VMS Management and Monitoring Centers Disk 1 of 2—Contains these VMS components and associated product documentation:
–CiscoWorks Common Services
–Auto Update Server
–Management Center for Firewalls
–Management Center for IPS Sensors (Formerly Management Center for IPS Sensors.)
–Monitoring Center for Performance
–Monitoring Center for Security
–Management Center for VPN Routers
•VMS Management and Monitoring Centers Disk 2 of 2—Contains these VMS components and associated product documentation:
–Management Center for Cisco Security Agents
–Resource Manager Essentials
–Resource Manager Essentials IDU 12
–Management Center for IDS Sensors 2.0.1 (For upgrade customers only.)
–Monitoring Center for Security 2.0.1 (For upgrade only.)
Note You must install IDU 12 included on Disk 2 for RME to work with VMS 2.3 even if you already have RME 3.5 installed on your server.
Table 1-1 VMS Components and Capabilities
This Component...
|
Enables you to....
|
CiscoWorks Common Services 2.2 (Common Services) with Service Pack 3 (embedded)
|
Provide the following common software and services for VMS components:
•Common Services Service Pack 3—Embedded update with the most recent security updates and bug fixes.
•Common Services 2.2—A set of shared application services.
•CiscoView 5.5—A graphical device management tool.
•Integration Utility 1.5—An integration module that supports third-party Network Management Systems (NMS).
|
Auto Update Server 1.3 (AUS)
|
Upgrade device configuration files and software images on firewalls that use the auto update feature.
|
Management Center for Cisco Security Agents 4.5 (CSA MC)
|
Configure and manage Cisco Security Agents to provide advanced host-based intrusion prevention for servers and desktops.
|
Management Center for Firewalls 1.3.4 (Firewall MC)
|
Configure PIX Firewalls and Cisco Catalyst Firewall Services Modules (FWSM).
|
Management Center for VPN Routers 1.3.1 (Router MC)
|
Configure and manage large-scale deployments of VPNs on Cisco VPN routers and Catalyst 6000 VPN Service Modules.
|
Management Center for IPS Sensors 2.1 (IPS MC)
|
Configure and manage network-based IPS Sensors, Cisco Catalyst 6000 Intrusion Detection System Modules (IPSMs), IPS network modules for Cisco routers (NM-CIDS), and Cisco IOS Intrusion Prevention System (IPS) devices.
|
Monitoring Center for Performance 2.0.2 (MCP)
|
Monitor and troubleshoot the health and performance of enterprise network security services.
|
Monitoring Center for Security 2.1 (Security Monitor)
|
Monitor and manage intrusion alarms and events from network-based IPS, host-based IPS, Cisco IOS IPS, FWSM and PIX Firewall devices.
|
Resource Manager Essentials 3.5 (RME)
|
Manage network inventory and device changes, network configuration, and software image updates.
|
System Requirements
This section contains:
•VMS Server Requirements for Windows in Table 1-2
•VMS Client Requirements in Table 1-3
Table 1-2 VMS Server Requirements for Windows
Component
|
Minimum Requirement
|
Hardware
|
•IBM PC-compatible with 1 GHz or faster Pentium processor
•Color monitor with video card capable of 16-bit colors
•CD-ROM drive
•100BaseT or faster connection
|
Operating System
|
Windows 2000 Professional, Server, and Advanced Server (Service Pack 4)
Note Support for Advanced Server requires turning Terminal Services off during installation. See your Microsoft documentation for information.
|
File System
|
NTFS
|
Memory
|
1 Gigabyte, minimum
|
Virtual Memory
|
2 Gigabytes, minimum
|
Hard Drive Space
|
9 Gigabytes of free hard drive space, minimum
Note The actual amount of hard drive space required depends upon the number of CiscoWorks Common Services client applications you are installing and the number of devices you are managing with the client applications.
|
;
Table 1-3 VMS Client Requirements
Component
|
Minimum Requirement
|
Hardware/Software
|
IBM PC-compatible computer with 300 MHz or faster Pentium processor running one of the following:
•Windows 2000 Server, or Professional Edition with Service Pack 4
•Windows XP Professional with Service Pack 1
and/or Service Pack 2
|
Hard Drive Space
|
400 MB virtual memory
|
Memory
|
256 MB minimum
|
Browser
|
You must also install one of the following HTML browsers:
•Microsoft Internet Explorer 6, Service Pack 1
•Netscape Navigator 7.1
|
Java Run-time Environment (JRE)
|
Sun JRE 1.4.1_02
Note If you are working with multiple versions of JRE see the CiscoWorks VPN/Security Management Solution Deployment Guide on Cisco.com at: http://www.cisco.com/en/US/products/sw/cscowork/ps2330/prod_white_papers_list.html.
|
Supported Devices
Supported device tables for each VMS component are available online and are updated each time a component is updated. Go to http://www.cisco.com/en/US/products/sw/cscowork/ps2330/index.html and select Device Support Tables under the components for which you are seeking Device Support information.
Licensing Requirements
During VMS installation a 90-day unrestricted license is installed, enabling you to begin using VMS applications immediately. For uninterrupted use of VMS, you must apply for and install a production license immediately after installation.
You do not need to apply for a new production license during upgrade but you need to reload the license you received when you first installed and applied for a production license. Please see"Upgrading Common Services Production License" and "Upgrading CSA MC Production License".
