Cisco Security Manager

I recently installed Cisco Security Manager for a client and up until then I had pretty limited experience with it as it’s still relatively fresh on the market. The install itself is very easy.  Next, next, next… almost. After a few teething problems with McAfee AV hanging the server it was all up and running and ready for devices to be added in. McAfee, by the way, was trying to scan the CSM database and couldn’t and that was what hung the machine. The only way around it was to exclude the folder where the database is and it worked fine after that.

For those of you who don’t know what Cisco Security Manager does it’s basically a replacement for the old Cisco VMS Works, in my opinion anyway – I’m not sure if Cisco market it as that. It has some pretty good features built into it that allow you to manage your security policies in a more uniform fashion across your network. The ability to copy policies from one device to another is a great way of adding extra layers of security throughout your network. I installed a Cisco 4260 IPS after the CSM server and I especially liked the benefit of copying signature polices between IPS’s as it saves a lot of time wasted on ensuring devices have the same signature set when inspecting segments that should have the same inspection policies applied.

I also added in a live Cisco ASA5540 to the device repository but it threw a lot of errors up so I have deleted it out for the time being as the customer is not looking to use CSM with his firewalls at the moment. We’ll also be installing CS-MARS in the near future and that can tie in with CSM so I’ll report back on how that goes.

Ian