CSA Components Overview

Previous page
Table of content
Next page
 < Day Day Up > 

CSA uses a distributed architecture consisting of two major components:

  • Management Console (MC) The MC performs many important tasks such as agent configuration, policy configuration, and centralized reporting.

  • Agents Agents, which enforce local security policies, reside on hosts throughout the network.

The next sections provide an overview of both components.

Management Console

The CSA MC runs on top of the Microsoft Windows 2000 Server operating system using either a Microsoft Database Engine (MSDE) by default, which is included in the product installation, or Microsoft SQL 2000 when you need to scale beyond 500 agents. The CSA MC is where all management functions are performed. As part of the CiscoWorks VPN Management Solutions (VMS) network management family of products, the CSA MC has the same look and feel as the other management tools from Cisco, and its configuration interface is accessible via a web browser over a secure encrypted Secure Sockets Layer (SSL) connection. Figure 2-1 provides a typical CSA MC screen you will see upon successfully logging in to the CSA MC application with your web browser.

Figure 2-1. Cisco Security Agent Management Console


The CSA MC application is where you perform all configuration tasks and tuning of necessary modules, rules, and policies to secure agents. You can also modify host group assignments and attach necessary security policies to groups from this interface. Another major function provided by the MC is the Event Viewer and Reporting tool by which necessary data is presented to the security group such that necessary action can be taken based on event notification.

Agent

CSA is a software application that installs on end systems. The following are host operating systems supported by the Cisco Security Agent:

  • Microsoft Windows NT

  • Microsoft Windows 2000

  • Microsoft Windows 2003

  • Microsoft Windows XP

  • Solaris 8

  • Linux RedHat Enterprise v3.0

The agent monitors the local system for policy violations and protects local resources and data from being compromised. Whenever an attempted policy violation is detected, a message is sent to the MC for centralized reporting purposes. At predetermined time intervals (polling time), the agents report back to the MC server to see whether any policy changes have been made to what is currently running on the local agent. Figure 2-2 shows a view of the CSA user interface that you can access from any agent-protected system in your environment.

Figure 2-2. CSA Local User Interface


     < Day Day Up > 

    Previous page
    Table of content
    Next page
    Cisco Security Agent
    Cisco Security Agent
    ISBN: 1587052059
    EAN: 2147483647
    Year: 2005
    Pages: 145
    Authors: Chad Sullivan
    BUY ON AMAZON
    Java I/O
    Crystal Reports 9 on Oracle (Database Professionals)
    Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
    Cisco IOS in a Nutshell (In a Nutshell (OReilly))
    Postfix: The Definitive Guide
    Microsoft VBScript Professional Projects
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy