|
Table Of Contents
Auto Update Server for Firewall Management
Server Specifications (Minimum Requirements)
Positioning with CiscoWorks VMS Basic
Overview
CiscoWorks VPN/Security Management Solution
Version 2.2CiscoWorks VPN/Security Management Solution (VMS) is the flagship integrated security management solution from Cisco Systems®. It protects productivity and reduces operating costs for enterprises by combining Web-based tools for configuring, monitoring, and troubleshooting enterprise VPNs, firewalls, network-based intrusion detection systems (IDSs), and host-based intrusion prevention systems (IPSs). CiscoWorks VMS is an integral part of the SAFE Blueprint from Cisco® for network security, and delivers the industry's first robust and scalable foundation and feature set that addresses the needs of small- and large-scale VPN and security deployments.
Today's business challenges and resulting security deployments require more than the ability to support numerous devices. Many customers have limited staffing, yet are asked to manage several different types of security devices. They must manage the security and network infrastructure; frequently update remote devices; implement change control and auditing, when multiple groups are involved in defining and deploying policies; enhance security without adding more headcount; and deploy remote-access VPNs to all employees and monitor the VPN service.
CiscoWorks VMS enables customers to deploy security infrastructures from small to large environments, using the following powerful features:
•
Integrated infrastructure management
CiscoWorks VMS uniquely manages SAFE Blueprint components, including firewalls, VPNs, network IDSs, and host IPSs. Effective management involves more than configuring devices—CiscoWorks VMS provides a complete range of configuration, monitoring, and troubleshooting features. CiscoWorks VMS manages not only the security infrastructure but also the network infrastructure. Customers benefit from being able to manage these components through one solution. CiscoWorks VMS delivers integrated monitoring of Cisco PIX® firewalls, Cisco IOS® Software, network-based IDSs, and host-based IPSs, along with event correlation.
•
CiscoWorks VMS implements a foundation that makes it easier to scale management to many devices. CiscoWorks VMS provides users with a consistent GUI to reduce learning time, workflow to allow multiple administrators to work together and coordinate tasks, access control server (ACS) integration to precisely control access, support for Windows and Solaris platforms, use of a robust database engine, simplified installation, and more. An industry-leading feature of this foundation is the Auto Update feature, which allows numerous devices to be updated easily and quickly. Auto Update enables devices, even remote and dynamically addressed devices, to periodically "call home" to an update server and pull the most current security configurations or Cisco PIX operating system. Auto Update is required to effectively scale remote-office firewall deployments across intermittent links or dynamic addresses. Prior policy updating methods relied on a "push" model. Although this model works for known devices, it does not work for remote devices with unknown addresses or devices that are not always active. Without Auto Update, a more manual process is required to update each remote device. The Auto Update feature provides a dramatic scalability improvement for organizations that want to deploy devices with many remote and local locations.
•
CiscoWorks VMS enables organizations to easily implement corporate security policies across multiple locations. For example, the Smart Rules feature allows an administrator to define a device group for the New York sales office and deploy that same policy to all other sales offices quickly and consistently. In addition to easier and faster policy updates, Auto Update provides consistent policy deployment for remote devices. The Command and Control Workflow feature provides change control and auditing, and is particularly important for customers who have separate groups for network and security operations. The solution includes workflow processes for generating, approving, and deploying configurations. This can help organizations delegate tasks to different administrators while still functioning as a team. An audit of the changes can be maintained.
•
CiscoWorks VMS allows RBAC and enables groups to have different access rights across different devices and applications, providing precise and secure control.
CiscoWorks VMS Functions
CiscoWorks VMS is launched from the CiscoWorks dashboard and is organized into several functional areas:
•
•
•
•
•
•
•
•
Figure 1 shows CiscoWorks VMS displayed as a "drawer" in the CiscoWorks dashboard.
Firewall Management
CiscoWorks VMS enables the large-scale deployment of Cisco PIX firewalls by providing the following features:
•
•
•
•
•
•
•
•
The Smart Rules feature allows common information, including access rules and settings, to be inherited for all firewalls in a device or customer group. Smart Rules allows a user to define common rules once, which results in reduced configuration time, fewer administrative errors, and higher device scalability. Using Smart Rules, a user can configure a common rule (such as allowing all HTTP traffic) once and can apply this rule globally to all firewalls. Smart Rules can also be defined on a device or customer group basis. For specific information on CiscoWorks firewall management, refer to:
http://www.cisco.com/en/US/products/sw/cscowork/ps3992/index.html.Auto Update Server for Firewall Management
CiscoWorks VMS introduces the industry's first firewall Auto Update Server that allows users to implement a "pull" model for security and Cisco PIX operating system management. Auto Update Server permits remote firewall networks with unprecedented scalability. The Auto Update Server allows Cisco PIX firewalls to periodically and automatically contact the update server for any security configuration, Cisco PIX operating system, and Cisco PIX Device Manager updates. The Auto Update Server supports the following features:
•
•
•
•
•
•
The Auto Update Server is an indispensable component of any large-scale remote Cisco PIX firewall deployment—an easy-to-use solution that automatically updates all remote or local firewalls with new operating system releases. Cisco is the industry's first vendor to provide this pull model of security policy and operating system management. For specific information on the Auto Update Server component of CiscoWorks VMS, refer to:
http://www.cisco.com/en/US/products/sw/cscowork/ps3993/index.htmlNetwork-Based IDS Management
Administrators can use CiscoWorks VMS to configure network and switch IDS sensors. Many sensors can be quickly configured using group profiles. Additionally, a more powerful signature management feature is included to increase the accuracy and specificity of detection. Some prominent features are:
•
•
•
•
•
•
For specific information about the network-based IDS management component of CiscoWorks VMS, refer to:
http://www.cisco.com/en/US/products/sw/cscowork/ps3990/index.html.Host-Based IPS Management
CiscoWorks VMS provides threat protection for server and desktop computing systems, also known as "endpoints." CiscoWorks VMS goes beyond conventional endpoint security solutions by identifying and preventing malicious behavior before it can occur, thereby removing potential known and unknown security risks that threaten enterprise networks and applications. Because CiscoWorks VMS analyzes behavior rather than relying on signature matching, its solution provides robust protection with reduced operational costs. Features of host-based IPS management include:
•
•
•
•
•
•
For specific information about the host-based IPS management component of CiscoWorks VMS, refer to the Management Center for Cisco Security Agents data sheet.
http://www.cisco.com/en/US/products/sw/cscowork/ps5212/index.htmlVPN Router Management
CiscoWorks VMS includes functions for the setup and maintenance of large deployments of VPN connections and provides users with a point-and-click interface for setting up and deploying connections. This component is intended for scalable configuration of site-to-site VPN connections in a hub-and-spoke topology for centralized, multidevice configuration and deployment of Internet Key Exchange (IKE) and IP Security (IPSec) tunneling policies on VPN routers.
Major features include:
•
•
•
•
For specific information about the VPN router management component of CiscoWorks VMS, refer to:
http://www.cisco.com/en/US/products/sw/cscowork/ps3994/index.html.Security Monitoring
CiscoWorks VMS provides integrated monitoring to reduce the number of security monitoring consoles, reduce the number of events to monitor, and provide a broader view of security status.
•
•
•
•
•
For specific information about the security-monitoring component of CiscoWorks VMS, refer to:
http://www.cisco.com/en/US/products/sw/cscowork/ps3991/index.htmlMonitoring for Performance
CiscoWorks VMS introduces improved functions for monitoring and troubleshooting the performance of services that contribute to enterprise network security. The functions will enable the user to:
•
•
•
•
•
For specific information about the performance monitoring component of CiscoWorks VMS, refer to:
http://www.cisco.com/en/US/products/sw/cscowork/ps5387/index.html.Performance Monitoring
The Monitoring Center for Performance component, within the CiscoWorks VPN/Security Management Solution (VMS), is a web-based tool for monitoring and troubleshooting the health and performance of services that contribute to enterprise network security. The Monitoring Center for Performance enables users, without requiring expertise with IPSEC or other security technologies, to increase service availability by isolating, troubleshooting significant events in their network as they occur.
The Monitoring Center for Performance can monitor and troubleshoot health and performance of:
•
•
•
•
•
•
•
Operational Management
•
•
•
•
•
•
•
•
•
•
For specific information on the operational management component of CiscoWorks VMS, refer to:
http://www.cisco.com/en/US/products/sw/cscowork/ps2073/index.html.Server Specifications (Minimum Requirements)
Server Hardware
CiscoWorks VMS requires one of the following servers:
•
•
•
Server hardware needs to be equipped with at least:
•
•
•
•
•
•
Server Operating System
CiscoWorks VMS requires one of the following operating systems:
•
Note: Support for Advanced Server requires that Terminal Services be turned off.
•
Java Requirements
Sun Java plug-in 1.4.1_02
Client Requirements
Hardware
CiscoWorks VMS requires one of the following for the client:
•
•
Client Operating System
CiscoWorks VMS requires one of the following for the client:
•
•
Client Browser
All CiscoWorks VMS components support Internet Explorer 6.0 with Service Pack 1 on Windows platforms. Table 1 identifies Netscape Navigator support by individual components where these requirements differ from CiscoWorks VMS as a whole.
Service and Support
CiscoWorks products are eligible for coverage under the Cisco Software Application Service (SAS) program. This service program offers customers contract-based, 24-hour access to the Cisco Technical Assistance Center (TAC), full Cisco.com privileges, and software maintenance updates. A Cisco SAS contract ensures that customers have easy access to the information and services needed to stay current with newly supported device packages, patches, and minor updates. For further information about service and support offerings, contact your local sales office.
Ordering Information
CiscoWorks VMS is available for purchase through regular Cisco sales and distribution channels worldwide. CiscoWorks VMS includes all the components needed for an independent installation on a Microsoft Windows or Sun Solaris workstation.
Positioning with CiscoWorks VMS Basic
CiscoWorks VMS Basic is bundled with select Cisco security solutions such as Cisco IDS sensors. The CiscoWorks VMS 2.2 Basic license offers the same capabilities as the CiscoWorks VMS 2.2 Restricted licensed software, except in the following areas:
•
•
For customers who need to manage 6 to 20 devices, the VMS Restricted license is recommended. For customers who need to manage more than 20 devices or need to install on Solaris, the VMS Unrestricted license is recommended.
For More Information
For more information, send an e-mail message to ciscoworks@cisco.com or go to:
http://www.cisco.com/warp/public/cc/pd/wr2k/vpmnso/prodlit/.
Posted: Fri Jun 18 08:31:13 PDT 2004
All contents are Copyright © 1992--2004 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.
