CCSP SelfStudy CCSP CSI: Exam Certification Guide, Second Edition [Electronic resources]


  • Security Management

    Today's security deployments require more scalability than merely supporting a large number of devices. Many customers have limited staffing, yet are asked to perform numerous security-related tasks: manage myriad security devices; manage the security and network infrastructure; frequently update many remote devices; implement change control and auditing; enhance security without adding more headcount; or roll out remote-access VPN to all employees and monitor the VPN service. In response to these changing business needs, Cisco provides several centralized security management solutions, including

    • CiscoWorks VPN/Security Management Solution

    • Cisco Secure Policy Manager

    CiscoWorks VPN/Security Management Solution

    CiscoWorks VPN/Security Management Solution (VMS) is an integrated security management solution that forms an integral part of the SAFE blueprint for network security. VMS enables customers to deploy security infrastructures from small networks to large, complex, and widely distributed environments.

    VMS features include the following:

    • Scalability

    • Centralized management

    • Security monitoring

    • Change management

    VMS's strength is that it combines, in a single integrated interface, many administrative tasks that would normally be handled separately. This interface combines web-based tools for securely configuring, monitoring, and troubleshooting firewalls, VPNs, and both host- and network-based intrusion detection systems (HIDS and NIDS, respectively).

    The VMS integrated package consists of the following applications:

    • CiscoWorks Resource Manager Essentials: A powerful web-based management tool for inventory, configuration, and software control of Cisco routers and switches.

    • CiscoWorks VPN Monitor: Collects, stores, and views VPN connectivity information for remote access and site-to-site VPN terminations.

    • CiscoWorks Cisco View: Provides the common database, web, and desktop services that are used to integrate with other Cisco and third-party tools.

    • CiscoWorks CD One: The CiscoWorks server desktop that provides the common interface for launching and navigating efficiently between the various tools and reports.

    • Cisco IDS Host Sensor: Provides HIDS functionality.

    • CiscoWorks Auto Update Server Software: Provides software management features using a pull model for initial configuration, configuration updates, operating system updates, and periodic configuration verification.

    • CiscoWorks Management Center for IDS Sensors: Provides centralized management for the configuration of NIDS and switch IDS sensors.

    • CiscoWorks Management Center for VPN Routers: Provides centralized management for the configuration and deployment of VPN connectivity.

    • CiscoWorks Management Center for PIX Firewalls: Provides centralized management for the configuration of PIX Firewalls.

    • CiscoWorks Monitoring Center for Security: Provides a unified server to capture, view, correlate, and report on events from NIDS, switch IDS, HIDS, PIX, and Cisco IOS devices.

    Cisco Secure Policy Manager

    Cisco Secure Policy Manager (CSPM), formerly Cisco Security Manager, is a centralized, scalable, comprehensive security policy management application for the Cisco Secure security portfolio. CSPM provides the administrator of a network the tools to centrally manage Cisco Secure PIX Firewalls, routers running Cisco IOS Firewall, Cisco IPSec VPN-enabled routers, and Cisco IDS sensors.

    The CSPM's topology-based GUI allows administrators to visually define high-level security policies for multiple Cisco security devices. These policies can then be distributed from a central location, eliminating the costly, time-consuming practice of implementing security commands on a device-by-device basis. CSPM also provides the facility to import existing security policies as well as system-auditing functions, which include monitoring, event notification, and web-based reporting.

    CSPM's main features are as follows:

    • Security policy management: Via CSPM's GUI, network-wide security policies can be created to manage Cisco security devices without requiring extensive device knowledge and dependency on the command-line interface (CLI).

    • Cisco firewall management: CSPM provides the administrator the facility to easily define perimeter security policies for Cisco Secure PIX Firewalls and Cisco IOS routers running the firewall feature set.

    • Cisco VPN router management: The CSPM GUI allows for the easy configuration of intranet/extranet IPSec VPNs based on Cisco PIX Firewalls and the Cisco suite of VPN routers running the Cisco IOS IPSec software.

    • Notification and reporting system: CSPM provides basic auditing tools to monitor, alert, and report Cisco security device and policy activity, thereby keeping the network administrator readily informed of network-wide events. CSPM also complements and interoperates with third-party monitoring, billing, and reporting systems.

    • Network operations: CSPM incorporates many network operational features, including topology import from CiscoWorks, CLI policy mapping, command diff, admin password aging, and policy query.

    • Windows 2000-based system: CSPM provides an easy-to-use Windows-based user interface.