Cisco Security Manager

Cisco® Security Manager is an enterprise-class management application designed to configure firewall, VPN, and intrusion prevention system (IPS) security services on Cisco network and security devices. Cisco Security Manager can be used in networks of all sizes-from small networks to large networks consisting of thousands of devices-by using policy-based management techniques. Cisco Security Manager works in conjunction with the Cisco Security Monitoring, Analysis, and Response System (MARS). Used together, these two products provide a comprehensive security management solution that addresses configuration management, security monitoring, analysis, and mitigation.

New Features Introduced in Release 3.2

• Enhanced Cisco Security Manager and MARS integration

– Ability to select syslog messages collected by Cisco Security MARS and launch to that specific rule in the Cisco Security Manager that generated the syslog

– Ability to select a rule in Cisco Security Manager and view historic or real-time syslog messages in Cisco Security MARS

– Ability to select an IPS signature in Cisco Security Manager and view historical or real-time events processed by Cisco Security MARS

– Ability to view IPS events in Cisco Security MARS and launch to that specific IPS signature in Cisco Security Manager

• Support for Cisco Firewall Services Module (FWSM) 3.2(2) and 3.2(3)

• Support for Cisco ASA Software Versions 7.2.2, 7.2.3, and 7.2.4

• Cisco ASA Software Versions 8.0/8.1 support: Firewall, firewall settings, and platform support for all features that are backward-compatible with Cisco ASA Software Version 7.2.2

• Support for NetFlow logging

• Support for Cisco ASA 5580-20 and 5580-40 appliances

• Support for Cisco 3200 Series, 2600XM Series, and 1861 routers

• Support for configuration of router access control lists (ACLs) [[what is the "R" in RACL?]], interfaces, VLANs, port security, and FlexConfigs on Cisco Catalyst 3550 Series, 3560 Series, 3560E Series, 3750 Series, 3750E Series, 3750 Metro Series, 4500 Series, 4948, and 4948 10GE switches

• Support for Cisco IPS 4270 Sensor Appliance

• Support for Cisco IOS Software Release 12.2(33) SRA and SRB on the Cisco 7600 Series platform

• Support for the Cisco Intrusion Prevention System Advanced Integration Module (IPS AIM) for Cisco 1841, 2800 Series, and 3800 Series Integrated Services Routers

• Expiring ACL rule notification

• Windows Vista support for Cisco Security Manager client

• Support for Internet Explorer 6.x and 7.x and Firefox 2.x

Licensing

Note: The management software consumes a device license for:

• Each added physical device

• Each added Cisco Catalyst 6500 Series services module

• Each security context

• Each virtual sensor

Advanced Inspection and Prevention Security Services Modules (AIP-SSMs), IDS Network Modules, and IPS Advanced Integration Modules (IPS AIM) installed in the host device do not consume a license; however, additional virtual sensors (added after the first sensor) are counted.

In the case of a Firewall Services Module (FWSM), the module itself consumes a license and then an additional license for each added security context. For example, an FSWM with two security contexts would consume three licenses: one for the module, one for the admin context, and one for the second security context. If the Cisco Catalyst chassis itself is added to Cisco Security Manager, it too will consume a license.

Table 1. Cisco Security Manager Part Numbers

Upgrade Options

Table 2. Cisco Security Manager 3.0.x and 3.1.x Upgrade Options

Service Options

Cisco Services

• The Cisco Security Center provides a central location for early warning threat intelligence threat and vulnerability analysis, Cisco IPS signatures and mitigation techniques. Visit and bookmark the Cisco Security Center at www.cisco.com/security.

• Cisco Security Intellishield Alert Manager Service provides a customizable, Web-based threat and vulnerability alert service that allows organizations to easily access timely, accurate, and credible information about potential vulnerabilities in their environment.

• Cisco Software Application Support Services [SAS] keeps Cisco Security Manager up and running with around-the-clock access to technical support, and software updates.

• Cisco Security Optimization Service helps organizations maintain peak network health. The network infrastructure is the foundation of the agile and adaptive business. The Cisco Security Optimization Service supports the continuously evolving security system to meet ever-changing security threats through a combination of planning and assessments, design, performance tuning, and ongoing support for system changes.

• Unlimited access to the Cisco Technical Assistance Center for award-winning support. Technical assistance is provided by Cisco software application experts who are trained in Cisco security software applications. Support is available 24 hours per day, 7 days per week, 365 days per year worldwide.

• Registered access to Cisco.com, a robust repository of application tools and technical documents to assist in diagnosing network security problems, understanding new technologies, and staying current with innovative software enhancements. Utilities, white papers, application design data sheets, configuration documents, and case management tools help expand your in-house technical capabilities.

• Access to application software bug fixes and maintenance and minor software releases.

Availability

For More Information