Cisco PDM Installation and Configuration Guide for Firewall Services Module, Version 4.0

Overview


This chapter describes hardware and software requirements for using PDM Version 4.0, and includes the following sections:

Introduction

Switch/Router System Requirements

FWSM Requirements

Browser Requirements

PC/Workstation Requirements

Introduction

PDM Version 4.0 for FWSM is a graphical user interface (GUI) software for configuring and monitoring your Cisco Firewall Services Module (FWSM) 2.2 for the Cisco Catalyst 6500 switches and Cisco 7600 routers. For more information, see the FWSM technical documentation at the following URL:

http://www.cisco.com/en/US/products/hw/modules/ps2706/ps4452/tsd_products_support_model_home.html

You can also see the FWSM FAQ (Frequently Asked Questions) on Cisco.com:

http://www.cisco.com/en/US/products/hw/modules/ps2706/products_qanda_item09186a00801e9e26.shtml


Note: PDM Version 4.0 is a single image that supports only FWSM 2.2. It does not support FWSM 1.1 or PIX OS.


PDM is designed to assist you in managing your network security. For example, PDM provides the following:

Works on most popular operating systems and web browsers without a special Java Plug-in. The PDM applet uploads to your workstation when you point your browser at the firewall.

Helps configure your firewall using visual tools such as task-oriented selections and drop-down menus, including a Startup Wizard.

Speeds up configuration by composing complex command-line interface (CLI) commands and sending them to the firewall. For most tasks, you need not know how to use CLI commands.

Allows configuration of both the active and standby firewalls.

Allows full administrative access or enforces read-only and monitor-only mode.

Reduces troubleshooting time by warning of potential configuration errors before they are sent to the firewall.

Switch/Router System Requirements

The switch and router models that support the FWSM are:

Catalyst 6500 series switches, with the following required components:

Supervisor engine with Cisco IOS software (known as supervisor IOS) or Catalyst operating system (OS)

Multilayer Switch Feature Card (MSFC 2) with Cisco IOS software

Cisco 7600 series routers, with the following required components:

Supervisor engine with Cisco IOS software

MSFC 2 with Cisco IOS software

For more information, refer to the Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide Release 2.2 for supported supervisor engine and software versions and the supported Cisco IOS software versions:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm22/configuration/guide/fwsm_cfg.html


Note: The FWSM does not support a direct connection to a switch WAN port, because WAN ports do not use static virtual local area networks (VLANs). However, the WAN port can connect to the MSFC, which can also connect to the FWSM.


For more information on switch or router requirements for FWSM, go to the following website:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm22/configuration/guide/fwsm_cfg.html

FWSM Requirements

The FWSM must run software release 2.2 and meet all of the following browser requirements to run PDM Version 4.0.

Minimum Software Versions: Verify that your firewall meets the requirements listed in the Release Notes for the Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Software Release 2.2. You must have software release 2.2 installed on FWSM before using PDM Version 4.0. For more information, see the Important Notes and Earlier PDM Versions and Dependencies sections in this guide.

Upgrading Software: When you install a new version of PDM, close all browser sessions before launching PDM. For information on upgrading your FWSM, see the following websites:

http://www.cisco.com/cisco/software/navigator.html

http://www.cisco.com/en/US/products/hw/modules/ps2706/ps4452/tsd_products_support_model_home.html

Browser Requirements

The following are required to access one or more firewalls through PDM:

Java Virtual Machine (JVM): For best performance when running Windows, use Internet Explorer 6.0 with or without the Java Plug-in. If Java is not enabled in the browser, PDM guides you on how to enable it. To check which version you have, launch PDM. When the PDM information window appears, note the Java version number. When using the Java Plug-in, there is a significant improvement in PDM load time if you access the firewall using the hostname (not the IP address). See "Configuration Recommendations".

HTTP 1.1: Settings for Internet Options > Advanced > HTTP 1.1 should use HTTP 1.1 for both proxy and non-proxy connections. Note that this applies only to Internet Explorer.

SSL Encryption Settings: All available encryption options are enabled for SSL in the browser preferences.

PC/Workstation Requirements

PDM has different requirements depending on the platform from which it is accessed. PDM is not supported for use on computers equipped with the Macintosh OS, or other versions of the Windows operating systems.

This section includes the following topics:

Configuration Recommendations

Supported Platforms

Configuration Recommendations

We recommend the following browser and JVM combinations for these operating systems:

Table 1-1 Recommended Browser and JVM combinations

| Operating System | Browser | JVM |
|---|---|---|
| Microsoft Windows 2000 (Service Pack 3), or Microsoft Windows XP | Internet Explorer 6.0 | Native (built-in) JVM (VM 3809 or higher) |
| Microsoft Windows 2000 (Service Pack 3), or Microsoft Windows XP | Internet Explorer 6.0 | Java Plug-in 1.4.1 or 1.4.2 |
| Microsoft Windows 2000 (Service Pack 3), or Microsoft Windows XP | Netscape 7.1 | Java Plug-in 1.4.1 or 1.4.2 |
| Sun SPARC Solaris 2.8 or 2.9 | Netscape 7.0 | Java Plug-in 1.4.1 or 1.4.2 |
| Red Hat Linux 9.0 or Red Hat Enterprise Linux WS, Version 3 running GNOME or KDE | Netscape 7.1 | Java Plug-in 1.4.1 or 1.4.2 |


Supported Platforms

Table 1-2 lists the supported and recommended platforms for PDM Version 4.0.


Note: The Japanese version of Windows (JOS) is supported in the PDM Version 4.0 release.


Table 1-2 Supported and Recommended Platforms for PDM Version 4.0

 
| Platform | Operating System | Browser | Hardware |
|---|---|---|---|
| Windows | Windows 2000 (Service Pack 3) or Windows XP operating systems. PDM is not supported on Windows 3.1, 95, 98, ME or Windows NT 4. | Internet Explorer 6.0 with native JVM (VM 3809 or higher). Internet Explorer 6.0 with Java Plug-in 1.4.1 or 1.4.2. Netscape 7.1 with Java Plug-in 1.4.1 or 1.4.2. | Any Pentium III or Pentium-compatible processor running at 450 MHz or higher. At least 256 MB of random-access memory (RAM). We recommend 192 MB or more. A 1024 x 768 pixel display and at least High Color (16-bit). |
| SUN Solaris | Sun Solaris 2.8, 2.9, or later running CDE window manager. | Netscape 7.0 with Java Plug-in 1.4.1 or 1.4.2. | SPARC microprocessor. At least 256 MB of random-access memory (RAM). A 1024 x 768 pixel display and at least 256 colors. High Color (16-bit) recommended. |
| Linux | Red Hat Linux 9.0 and Red Hat Linux Enterprise 3 running GNOME or KDE. | Supported browser: Netscape 7.1 with Java Plug-in 1.4.1 or 1.4.2. | At least 128 MB of random-access memory (RAM). 256 MB recommended. A 1024 x 768 pixel display with at least 256 colors. High Color (16-bit) recommended. |



Note: PDM and Linux:

When using Netscape on Linux and running the XFree86 Mach64 server, Netscape might hang when running PDM, particularly if you resize the PDM window. A workaround is to change the monitor display to 256 colors.

When using Netscape on some Linux platforms, if you select an item under the Properties tab or the Monitoring tab, the entire PDM window shifts a few pixels to the left and up. This movement happens when you select a panel with a text box or a combo box in it.


Improving PDM Load Time When Using Java Plug-in 1.4.1

When using the Java Plug-in 1.4.1, there is a significant improvement in PDM load time if the firewall hostname is in DNS or the local hosts file and you access the firewall using the hostname (not IP address).


Note: You will not encounter this problem if you use Java Plug-in 1.4.2.


When using Windows, the fastest loading of PDM is achieved by editing the Windows configuration file "hosts". Editing the equivalent file in other operating systems will also improve PDM load time.

Each line in the hosts file has the format "ip hostname": the IP address first, then the hostname. Example:

192.168.1.1 myfirewall.example.com

To edit the hosts file in Windows 2000, complete the following steps:


Step 1 Locate the file hosts:

In Windows 2000, the location of the hosts file is:
C:\WINNT\system32\drivers\etc\hosts

On Windows 98 and ME, the location of the hosts file is:
C:\Windows\hosts

Step 2 Select the file, right-click, and select Open With... > Notepad.

Step 3 Follow the Microsoft instructions in the hosts file to add your firewall IP address and hostname. The instructions at the top of the file read:

    # Copyright (c) 1993-1999 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to hostnames. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding hostname.
    # The IP address and the hostname should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    #      102.54.94.97     rhino.acme.com          # source server
    #       38.25.63.10     x.acme.com              # x client host

Step 4 Save the hosts file to the original location.
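
The hosts file edit in Steps 1 through 4 can also be scripted so that it is repeatable and checks for an existing mapping first. The following is an added example, not part of the Cisco guide: it parses hosts file text, adds the firewall entry only if it is missing, and refuses when the hostname already maps to a different address. The function names and the sample file content are assumptions made for illustration; the IP address and hostname are the ones from the example line above.

```python
import ipaddress

# Constructed sample hosts file content (not taken from a real system).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
10.0.0.5        oldfw.example.com myfirewall.example.com  # stale alias
"""

def parse_hosts(text):
    """Return a list of (line_no, ip, [names]) for every mapping line."""
    entries = []
    for no, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()    # drop comments, split on whitespace
        if len(fields) < 2:
            continue                              # blank, comment-only or malformed
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                              # first column is not an IP address
        entries.append((no, ip, [n.lower() for n in fields[1:]]))
    return entries

def add_firewall_entry(text, ip, hostname):
    """Add 'ip hostname' unless present; refuse if hostname maps elsewhere."""
    ip = str(ipaddress.ip_address(ip))            # raises ValueError on a bad address
    hostname = hostname.lower()                   # hostnames compare case-insensitively
    for no, existing_ip, names in parse_hosts(text):
        if hostname in names:
            if existing_ip == ip:
                return text, "unchanged"
            # Resolvers typically use the first matching line, so an appended
            # entry would be ignored and the browser would keep connecting
            # to the old address.
            raise ValueError(f"line {no}: {hostname} already maps to {existing_ip}")
    if text and not text.endswith("\n"):
        text += "\n"                              # avoid gluing onto the last line
    return text + f"{ip}\t{hostname}\n", "added"

if __name__ == "__main__":
    updated, status = add_firewall_entry(SAMPLE_HOSTS, "192.168.1.1", "fw2.example.com")
    print(status)
    print(updated, end="")
```

The script works on text only; reading and writing the actual hosts file (and the administrator rights that requires) is left to the caller.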


Earlier PDM Versions and Dependencies

Table 1-3 List of Earlier PDM Versions and Dependencies

| PDM Version | PIX Firewall | FWSM |
|---|---|---|
| PDM Version 1.0* | 6.0 | Not Supported |
| PDM Version 1.1 | 6.0, 6.1 | Not Supported |
| PDM Version 2.0* | 6.2 | Not Supported |
| PDM Version 2.1 | 6.2 | 1.1 |
| PDM Version 3.0 | 6.3 | Not Supported |
| PDM Version 4.0 | Not Supported | 2.2 |


* Obsolete version

Upgrading Earlier Software

For information about upgrading your Cisco PDM or FWSM software, see the Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide Release 2.2 at the following URL:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm22/configuration/guide/fwsm_cfg.html

You can also see the FWSM software download page for more information:

http://www.cisco.com/cisco/software/navigator.html