CiscoWorks Routed WAN Management Solution

CiscoWorks Routed WAN Management Solution 1.3

Table Of Contents

Q & A

Q & A

CiscoWorks Routed WAN Management Solution 1.3

Q. What is the Routed WAN Management (RWAN) Solution?

A. The Cisco Routed WAN Management Solution extends the CiscoWorks product family, providing a collection of powerful enterprise management applications to configure, administer, monitor, and troubleshoot the complexities typically associated with managing a routed wide-area network.

The applications inside are:

Access Control List (ACL) Manager—This Web-based tool significantly reduces the time required to set up, manage, and optimize Cisco IOS® software-based IP and Internet Packet Exchange (IPX) traffic filtering and device ACLs.

Internetwork Performance Monitor (IPM)—This network response time and availability troubleshooting application enables wide-area network (WAN) managers to proactively troubleshoot network response times by utilizing instrumentation inside the devices on the network.

Resource Manager Essentials (RME)—RME provides network inventory and device change management, network configuration and software image management, network availability, and syslog analysis. It also offers powerful integration links to Cisco Connection Online (CCO).

CiscoView—The most widely used Cisco graphical device management application is now Web-based, providing WAN managers with browser access to real-time device status, operational and configuration functions.

Q. Why is Cisco offering this solution package?

A. The CiscoWorks Routed WAN Management Solution is one of many solutions Cisco currently offers. The Routed WAN Management Solution allows customers the flexibility of deploying end-to-end network management tools tailored to specific needs of the routing devices in the Wide-area portion of the network. This wide-area solution complements the LAN Management Solution (LMS), IP Telephony Environment Monitor (ITEM) formerly VoIP Health Monitor (VOIP-HM), VPN/Security Management Solution (VMS), and QoS Policy Manager (QPM). These solutions offer customers significant value and simplify the ordering process.

Q. Is the Routed WAN Management Solution a replacement for the existing CiscoWorks Campus Bundle, or its replacement, known as the LAN Management Solution?

A. No, the Routed WAN Management Solution is a set of value-added functionality specifically aimed at simplifying the management of routed WAN environments. The Campus Bundle is replaced by the LAN Management Solution and provides advanced Catalyst® switch management features combined with basic device monitoring, configuration, and troubleshooting tools. Customers can choose to deploy one or both of these WAN and LAN solutions in their networks.

Q. Can all of the solutions in RWAN be loaded on the same machine?

A. Yes. Provided both the RWAN and LMS components support the services of Common Services 2.2. RWAN 1.3 can reside together with LMS 1.3 or 2.2. CiscoWorks solutions supporting different versions of CD One cannot reside on the same server because they share common resources such as the Web server, a common management desktop, and user security system. Customers with large networks will find that for performance, security, and maintenance reasons hosting various RWAN applications on separate servers is more desirable. A table of server sizing recommendations is included in the RWAN and LMS documentation available online on Cisco Connection Online (CCO).

Q. What new features, functions and device support are provided in the new May 2003 update release of the Routed WAN Management Solution?

A. RWAN component updates and enhancements are as follows:

Internetwork Performance Monitor 2.5

Support for HTTP performance collector (for static URLs as target for performance operations)

Improved graphing, including multi-graphing, where all paths or hops between two end points can be shown on one graph for comparison purposes.

Path usage report showing distribution paths taken between source and target

Auto Baselining of collector thresholds

Global edit of IPM operation applied to all IPM collectors

Enhanced database export capabilities

Improved integration with CiscoWorks desktop including the ability to launch IPM help

Minimum Cisco IOS Software requirements:

Release 11.2(18), 11.3(6), 12.0(5), 12.0(5)T, 12.1(1), 12.1(2)T, 12.2(1), 12.2(2)T

Recommended Cisco IOS Software releases:

Release 11.3(11) or later, Release 12.1(3) or later

Access Control List Manager 1.5

Provides broader support in managing all ACLs by allowing templates or ACLs without associations to an ACL Use. Removes the limitation of only managing ACLs associated to packet filtering, SNMP/TFTP and line access ACL uses.

Creating, editing, naming and numbering ACL's

Options for saving configuration file to disk

Support for optimizing ACL statement to eliminate redundancies

Printing of ACLs, ACEs, optimization details, difference data

Users can backup the ACL Manager data for disaster recovery using the integrated CiscoWorks Backup tasks.

Co-existence with RME 3.5 and Common Services 2.2

SSH and SSL support for ACLM client

Support for IOS release 10.3 through 12.2


Support for Catalyst OS release 5.3 CSX through 7.1

SNMP access to Cisco routers can be controlled through ACLs. ACLs for controlling and restricting packet filtering and line access, SNMP server access control, SNMP access to a device and limiting TFTP servers used via SNMP.

New device support:Cisco 1710/50/51/60 Cisco 12404/06/16 Catalyst 6513, 6006/09/, uBR 7246VXR, uBR 10012, ESR 10008, uBR-7100/11/14/23, 7246, uBR 904/905/912C/912S/914/924/925, Cisco 7300, Cisco 7600 IR, C7401, 800 series (801/2/3/4/5/11/13/27), 826 QuadV, 7507mx, 7513 mx, MC3810v3, AS5350/5850/5400, Cisco 2650, 2651

CiscoView 5.5

Background discovery and audit trail improvements from CV 5.4.1 have been rolled into this release.

Secure communication between the Client Browser and the server via Secure Sockets Layer (SSL) protocol device list import from local RME through SSL

User security support for Cisco WAN Manager (release 10.4)

Device list import for rapid loading and subsequent accessing of devices

Remote upgrade of user preferences and device packages from previous versions of CiscoView

New progress indicator providing status feedback on task execution

Performance improvements in the Monitor and Configuration menus

Device package enhancements for several cisco products. new device support includes: Cat3550, Cat6500, Network Analysis Modules (NAM-1 and NAM-2) for Cat6500 series and Cisco 7600, AS5350, AS5400, Router 12000, IAD2400, Metro 1500 and URM (1.0). See release notes for complete list.

For new and current device support listing please refer to the following URL. Note: An active CCO logon and password is required to view this web page:

Resource Manager Essentials 3.5

Support for downloading and uploading of device configurations via Secure Shell (SSH) protocol.

Secure communication between the client browser and the RME server via Secure Socket Layer (SSL) protocol.

Support for configuration management for devices across Network Address Translators (NAT) boundaries.

Support for Interactive IOS, CAT-OS & FastSwitch commands in the NetConfig applications.

Provides a convenient collection of tasks for basic VPN management, all tasks are keyed from a predefined set of VPN capable devices, enabling fast determination of VPN related problems.

Users can quickly compare and contrast configurations of VPN devices and perform configuration searches on just the VPN devices in the network.

From Inventory Manager users can interrogate the system to establish VPN devices that have hardware encryption modules. Users can run reports to determine which devices in Inventory Manager database need to be upgraded so as to perform as a VPN device in the network.

Network administrators can quickly isolate VPN related problems by running customized Syslog reports to check for errors related to Hardware encryption, Internet Key Exchange (IKE), Certificates, encapsulation and check for possible intrusion attempts by running "Packet Replay" reports.

Up-to-date inventory of all Cisco devices in the network, including support for Cisco Call Manager and the VPN Concentrator 3000 (VPN c3000).

Batch command enhancement of Network Show Commands facility.

Ability to isolate and view PIX firewall configuration statements.

Summarizes syslog events by severity or user criteria for PIX firewalls.

New device support: Cat3550, Cat6500, Network Analysis Modules (NAM-1 and NAM-2) for Cat6500 series and Cisco 7600.

CiscoWorks Server

Server Support:

Windows2000 Advanced Server (with Terminal Services turned off), Server and Professional Series with Service Pack 3, and Solaris 2.8 support.

Client Browser Support:

UNIX, Solaris: Netscape v4.76

Windows 2000/XP: Netscape v4.78, 4.79

Windows 2000/XP: Internet Explorer v6.0 or v6.0 with Service pack 1

General Items

Please check the CiscoWorks TAC support web pages for field notices on updated environment support and available product updates and improvements.

Q. Do all of the applications in RWAN support SSL/SSH?

A. No, the CiscoWorks Server, CiscoView, RME, and ACLM support SSL/SSH security protocols. IPM currently does not. If an SSL/SSH implementation is desired for running RWAN's applications, please refer to the RWAN Getting Started Guide for installation instructions on loading IPM on a separate server.

Q. Why is nGenius Real-Time Monitor no longer included as part of RWAN?

A. Since Cisco has shifted its sales support for WAN probes directly to NetScout Systems, it made more sense to remove it from the bundle. Existing RWAN 1.x customers will receive an nGenius Real-Time Monitor 1.4 with Service Pack 6 (SP6) maintenance release with their RWAN 1.3 maintenance update. New RWAN customers needing nGenius Real-Time Monitor 1.4 SP6 can purchase the LMS 2.2 cross-bundle promotional package (CWLMS-2.2-P1-K9).

Q. Where can I get more information on individual products in this solution package, online documentation, device support, and ordering information?

A. Refer to for information on the individual products in RWAN 1.3. Product Ordering information can be found using Cisco's Ordering Information page on at:

Q. How will the May 2003 update be made available to customers who already have the Routed WAN Management Solution installed?

A. Existing customers with RWAN service contracts can request CDs through Cisco's Product Upgrade Tool at: Customers who have not purchased extended service can purchase the RWAN 1.3 minor update kit (CWRW-1.3-MR-K9) that includes the latest release updates for the bundle. During interim minor or major release, the Software Planner page, which requires the customer has password access to, provides information on patches and updates as they become available. Please refer to the following link for more information:

Q. If other CiscoWorks solutions are installed in the network, will I need to reinstall the components that are common to both solutions when deploying RWAN?

A. Yes, with the introduction of version 1.3 of the Routed WAN Management Solution (RWAN), architectural changes have been made to the CiscoWorks Management Server. Existing RWAN 1.0/1.1/1.2 and LMS 1.0/1.1/1.2/2.0/2.1 applications are not compatible with these Management Server enhancements. In order to take advantage of RWAN 1.3 and LMS 1.3/2.2 application features and enhancements, customers will need to upgrade their existing server and application environments to RWAN 1.3 and LMS1.3 or 2.2. For more information and guidelines, please refer to the RWAN 1.3 and LMS 1.3/2.2 Getting Started documentation.

Q. If the customer has the RWAN solution, is there a promotional program available to add the LAN Management Solution as well?

A. Yes, existing RWAN customers are eligible for a significant savings when adding LMS 2.2 and other specified management solutions offered by Cisco to their networks. Contact your Cisco sales representative for details on the LMS 2.2 cross bundle promotional package, part number CWLMS-2.2-P1-K9

Q. Can I add the new Cisco Device Fault Manager (DFM) application to a new or existing RWAN installation?

A. Yes. Customers with RWAN can add the LAN Management Solution 2.2 that includes DFM as part of the bundle using the LMS 2.2 cross bundle promotional package, part number CWLMS-2.2-P1-K9. Contact your Cisco sales representative for details.