Introduction to Component Applications
The Security Manager installer enables you to install certain applications and, when you do, requires that you install certain other applications. This section describes those applications and their interdependencies:
Common Services
CiscoWorks Common Services 3.3 (Common Services) is required for Security Manager 4.2, Resource Manager Essentials 4.3, Auto Update Server 4.2, and Performance Monitor 4.2 to work. You can install Security Manager only if Common Services is already installed on your system or if you select Common Services for installation along with Security Manager.
Common Services provides the framework for data storage, login, user role definitions, access privileges, security protocols, and navigation. It also provides the framework for installation, data management, event and message handling, and job and process management. Common Services supplies essential server-side components to Security Manager that include the following:
- SSL libraries
- An embedded SQL database
- The Apache webserver
- The Tomcat servlet engine
- The CiscoWorks home page
- Backup and restore functions
For more information, see the Common Services documentation at http://www.cisco.com/en/US/products/sw/cscowork/ps3996/products_eol_versions_and_options.html.
Security Manager
Cisco Security Manager is an enterprise-class management application designed to configure firewall, VPN, and intrusion prevention system (IPS) security services on Cisco network and security devices. Cisco Security Manager can be used in networks of all sizes, from small networks to large networks consisting of thousands of devices, by using policy-based management techniques. Cisco Security Manager works in conjunction with the Cisco Security Monitoring, Analysis, and Response System (MARS). Used together, these two products provide a comprehensive security management solution that addresses configuration management, security monitoring, analysis, and mitigation.
Note: For more information about Security Manager, visit http://www.cisco.com/go/csmanager. For more information about Cisco Security MARS, visit http://www.cisco.com/go/mars.
To use Security Manager, you must install server and client software.
Security Manager offers the following features and capabilities:
- Service-level and device-level provisioning of VPN, firewall, and intrusion prevention systems from one desktop
- Device configuration rollback
- Network visualization in the form of topology maps
- Workflow mode
- Predefined and user-defined FlexConfig service templates
- Integrated inventory, credentials, grouping, and shared policy objects
- Convenient cross-launch access to related applications:
  - When you install the server software, you also install read-only versions of the following device managers: Adaptive Security Device Manager (ASDM), PIX Device Manager (PDM), Security Device Manager (SDM), and IPS Device Manager (IDM).
  - You can configure a cross launch to RME.
  - You can collect data from Performance Monitor and display it in an inventory status window.
  - You can add ASA and PIX devices from Security Manager to Auto Update Server (AUS).
- Integrated monitoring of events generated by ASA and IPS devices. You can selectively monitor, view, and examine events from ASA and IPS devices by using the Event Viewer feature.
Auto Update Server
If you choose to install AUS, you can install it on the same server where you install Security Manager or on a different server, such as a server in your DMZ. AUS and Security Manager can share device inventory information and other data. AUS uses a browser-based user interface and requires Common Services.
AUS enables you to upgrade device configuration files and software images on PIX Security Appliance (PIX) and Adaptive Security Appliance (ASA) devices that use the auto update feature. AUS supports a pull model of configuration that you can use for device configuration, configuration updates, device OS updates, and periodic configuration verification. In addition, supported devices that use dynamic IP addresses in combination with the Auto Update feature can use AUS to upgrade their configuration files and pass device and status information.
AUS increases the scalability of your remote security networks, reduces the costs involved in maintaining a remote security network, and enables you to manage dynamically addressed remote firewalls.
For more information about AUS, refer to the AUS documentation located at the Security Manager site: http://www.cisco.com/go/csmanager.
Performance Monitor
Cisco Security Manager includes the companion application Performance Monitor 4.2. Performance Monitor is a health and performance monitoring application with a special emphasis on security devices and services. Performance Monitor helps you proactively detect network performance issues before they become critical, helps identify portions of the network that are overloaded and potentially require extra resources, and provides rich historical health and performance information for after-the-fact investigations and analyses. Performance Monitor supports monitoring remote-access VPNs, site-to-site VPNs, firewall, web server load-balancing, and SSL termination. Performance Monitor uses a browser-based user interface.
You can install Performance Monitor only after you install Common Services. Performance Monitor is installed by using a separate installation program, which is available after you install and then start Common Services.
The Security Manager media kit contains a combined Software License Claim Certificate for Performance Monitor and RME. To obtain Performance Monitor, go to http://www.cisco.com/go/csmanager, then locate and click Download Software. The downloadable binary package for Performance Monitor includes detailed documentation to help you install and use the software.
For more information about Performance Monitor, refer to the Performance Monitor documentation located at the Security Manager site: http://www.cisco.com/go/csmanager.
Resource Manager Essentials
Cisco Security Manager includes the companion application CiscoWorks Resource Manager Essentials (RME). RME provides lifecycle management of Cisco network devices. To support lifecycle management, RME provides the ability to manage device inventory and audit changes, configuration files, and software images, and it provides syslog analysis. RME uses a browser-based user interface.
The Security Manager media kit contains a combined Software License Claim Certificate for Performance Monitor and RME. To obtain RME, go to http://www.cisco.com/go/csmanager, then locate and click Download Software. The downloadable binary package for RME includes detailed documentation to help you install and use the software.
RME is also included with the CiscoWorks LAN Management Solution (LMS). The CiscoWorks LAN Management Solution Deployment Guide 3.0 contains useful deployment information about RME, but be aware that some of that information does not apply to RME bundled with Security Manager. For more information, refer to http://www.cisco.com/en/US/products/sw/cscowork/ps2073/tsd_products_support_eol_series_home.html.
Effect of Enabling Event Management
If you enable Event Management on your Security Manager server, you cannot use that server for any of the following services:
- Syslog on CiscoWorks Common Services
- Syslog on CiscoWorks Resource Manager Essentials (RME)
- Syslog on Performance Monitor
During the installation or upgrade of Security Manager, the Common Services syslog service port is changed from 514 to 49514. Later, if Security Manager is uninstalled, the port is not reverted to 514. Additional information regarding ports is available in Table 3-1 and in Table 1-1.
If the amount of RAM available to the operating system is insufficient, Event Viewer is disabled (see details in Table 3-3); however, the Common Services syslog service port is still changed.