Getting Started


Cisco Security Manager can centrally manage many of the individual components of the Cisco Self-Defending Network. Examples of devices that can be managed by the Cisco Security Manager include IOS routers, Adaptive Security Appliances (ASA), Intrusion Prevention Systems (IPS), PIX Firewalls, and Catalyst 6500/7600 LAN switches.

The Cisco Security Manager has three main management views:

  • Device view

  • Map view

  • Policy view

Cisco Security Manager is an integrated application because all supported device platforms are managed together. For example, the process to configure an access control list (ACL) is the same for a Cisco IOS router as for an ASA security appliance. The process to configure a VPN is also independent of platform type, so a single VPN can include multiple platform types. For example, a single VPN can be created with IOS routers as the hub devices and PIX Firewalls as the spoke devices.

This integrated approach, organized by service or function (such as firewall or VPN), contrasts with the previous product, CiscoWorks VMS. CiscoWorks VMS was platform-based, with a separate Management Center for each platform, such as IOS routers or PIX firewalls. CiscoWorks VMS also used a separate GUI or web browser for each Management Center or platform, whereas Cisco Security Manager features a single, integrated GUI. New features in Cisco Security Manager that were not present in the CiscoWorks VMS product include the following:

  • Single client GUI to manage multiple platforms

  • Single access control list (ACL) rule table for PIX, FWSM, IOS CBAC, and IOS ACL

  • Catalyst 6500/7600 chassis management

  • Topology map view to graphically manage the network

  • Ability to import command-line interface (CLI) that has been modified by Telnet/Device Managers

  • Coexist with multiple Java Runtime Environments (JREs) on a server

  • Mine or filter audit reports based upon admin, date, string

  • Flex-config template for nonsecurity IOS features

  • Multithreaded backend server for performance increase

  • Support up to 5000 devices with a single server

  • Manage ASA 7.x

  • Import device list from CiscoWorks Resource Management Essentials (RME)

  • Hierarchical virtual private network (VPN)

  • Apply access control lists (ACLs) to a group of interfaces

  • Define access control lists (ACLs) for a specific time-range

  • Access control list (ACL) hit count information

  • Scheduled configuration deployment at specific date and time

  • ASA device status

  • Dynamic Multipoint VPN (DMVPN)

  • Aswan 2.0 (MPLS to IP Security (IPSec) VPN)

Cisco Security Manager provides a JumpStart menu so that new security operations users can quickly learn how to import, configure, and deploy configuration to security devices.

Figure 9-1 displays the JumpStart menu of the Cisco Security Manager.

Figure 9-1. JumpStart


Cisco Security Manager includes several features to enable the integrated management of 5000 devices of separate platform types. One of these features is the ability to filter a list of devices by platform type. Another integrated feature is the ability to create a single device group with mixed device platforms. These device groups can be used to apply security and VPN configuration settings to a group of devices. Device groups can be based upon categories such as data center locations (for example, Los Angeles, San Francisco) or functional groups (for example, Engineering, Finance, ACME Corp).



Self-Defending Networks: The Next Generation of Network Security
ISBN: 1587052539
Pages: 112
