Cisco Systems DOC-78-17916 Bedienungsanleitung

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182

Zur Seite of

Richtige Gebrauchsanleitung

Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung Cisco Systems DOC-78-17916 an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von Cisco Systems DOC-78-17916, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.

Was ist eine Gebrauchsanleitung?

Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung Cisco Systems DOC-78-17916 die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.

Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung Cisco Systems DOC-78-17916. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.

Was sollte also eine ideale Gebrauchsanleitung beinhalten?

Die Gebrauchsanleitung Cisco Systems DOC-78-17916 sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts Cisco Systems DOC-78-17916
- Den Namen des Produzenten und das Produktionsjahr des Geräts Cisco Systems DOC-78-17916
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts Cisco Systems DOC-78-17916
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen

Warum lesen wir keine Gebrauchsanleitungen?

Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von Cisco Systems DOC-78-17916 zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von Cisco Systems DOC-78-17916 und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service Cisco Systems finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von Cisco Systems DOC-78-17916 zu überspringen, wie es bei der Papierform passiert.

Warum sollte man Gebrauchsanleitungen lesen?

In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts Cisco Systems DOC-78-17916, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.

Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von Cisco Systems DOC-78-17916 widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.

Inhaltsverzeichnis der Gebrauchsanleitungen

  • Seite 1

    Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Installing Management Center f or Cisco S ecurity A gents 5.2 Customer Order Number: DO C-78-17916[...]

  • Seite 2

    THE SPECIFICA TIONS AND IN FORMA TION REGARDING THE PRODUCTS IN THIS MAN UAL ARE SUBJECT TO CHANGE WIT HOUT NO TICE. ALL ST A TEMENTS, INFORMA TION, AND RECOMMEND A TION S IN THIS MANU AL ARE BELIEVED TO BE A CCURA TE BU T ARE PRESENTED WITHOUT W ARRANTY OF ANY KIND, EX PRESS O R IMPL IED. USE RS MU ST T AKE FU LL RESPON SIBILITY FOR THEIR APPLICA [...]

  • Seite 3

    i Book Title 78-17916-01 CONTENTS Preface v Audience 1-v Conventi ons 1-vi Obtaining Documentation 1-vii Cisco.com 1-vii Product Documentation DVD 1-vii Ordering Documentation 1-viii Documentation Feedback 1-viii Cisco Product Security Overview 1-viii Reporting Security Problems in Cisco Prod ucts 1-ix Product Alerts and Field Notices 1-x Obtaining[...]

  • Seite 4

    Contents ii Book Title 78-17916-01 DNS and WINS Environments 1-9 Browser Requirements 1-9 Time and Date Req uirements 1-10 Port Availability 1-10 Windows Cluster Support 1-11 Internationalization Support 1-11 Internationalization Support Tables 1-12 About CSA MC 1-17 CHAPTER 2 Deployment Planning 2-1 Overview 2-1 Piloting the Product 2-2 Running a [...]

  • Seite 5

    iii Book Title 78-17916-01 Contents Licensing Information 3-2 Installing V5.2 and Migrating Co nfigurations and Hosts from Previous Versions 3-3 Installation and Migration Overview 3-3 Local and Remote DB Installation Overview 3-6 Installing CSA MC with a Local Database 3-8 Installing CSA MC with a Remote Database 3-21 Installing CSA MC with a Prev[...]

  • Seite 6

    Contents iv Book Title 78-17916-01 Configure a Policy 4-18 Attach a Ru le Module to a Policy 4-19 Attach a Policy to a Group 4-19 Generate Rule Programs 4-20 APPENDIX A Cisco Security Agent In st allation and Overview A-1 Overview A-1 Downloading and Installing A-2 The Cisco Security Agent User Interface A-4 Installing the Solaris Agent A-6 Install[...]

  • Seite 7

    v Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface This manual de scribes how to configure the Manageme nt Center for Cisc o Security Agents on Microsoft W indo ws 2003 operating systems and the Cisco Security Agent on supported Micro soft W indo ws 2003, Microsoft W indo ws XP , Microsoft W indows 2000, Microsoft W i[...]

  • Seite 8

    Preface Conventions vi Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Conventions This manual uses the following con ventions. Convention Purpose Example Bold text User interface field names and menu options. Click the Gr oups opti on. The Groups edit pag e appears. Italicized text Used t o emphasize text. Yo u m u s t sav[...]

  • Seite 9

    vii Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface Obtaining Documentation Obtaining Documentation Cisco documentation and additi onal litera ture are a v ailable on Cisco.com. This section e xplains the product do cumentation resources that Cisco o ffers. Cisco.com Y ou can access the most current Ci sco documentat[...]

  • Seite 10

    Preface Documentation Feedba ck viii Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Ordering Documentation Y ou must be a registered Ci sco.com user to access Cisco Marketplace. Registered users may order Cisco d ocumentation at t he Product Documentat ion Store at t his URL: http://www .cisco.com/go/marketplace/docsto re I[...]

  • Seite 11

    ix Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface Cisco Product Security O verview T o se e security advisories, security notices, and securi ty responses as they are updated in real ti me, you can subscribe t o the Product Security Inci dent Response T eam Really Simple Syndicat ion (PSIR T RSS) feed. Information a[...]

  • Seite 12

    Preface Product Alerts and Field No tices x Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 If you do not ha ve or use PGP , contact PSIR T to find other means of encry pting the data before sending any sensiti ve material. Product Alerts and Field Notices Modifi cations to or updates abou t Ci sco products are annou nced in[...]

  • Seite 13

    xi Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface Obtaining Techn ical Assistance Access to all tools on the Cisco Support website requires a Cisco.com user ID and password. If you ha ve a v alid service contract b ut do not hav e a user ID or password, you can re gister at this URL: http://tools.cisco.com/RPF/ regi[...]

  • Seite 14

    Preface Obtaining Technical Assistance xii Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 solutions. If yo ur issue is not resolv ed using the recommended resources, your service request is assigned to a Cisco engineer . The T A C Service Request T ool is located at t his URL: http://www .cisco.com/techsupport/ servicereque[...]

  • Seite 15

    xiii Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface Obtaining Additional Public ations and Information Obtaining Additional Publications and Information Information ab out Cisco products, tech nologies, and netw ork solutions is av ailable from v a rious online and printed sources. • The Cisco Online Subscription [...]

  • Seite 16

    Preface Obtaining Additional Publ ications and Information xiv Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Networking Prof essionals Connection is an interacti ve website where networking pro fessionals share questions, sug gestions, and information about network ing products and techn ologies with Cisco e xperts and[...]

  • Seite 17

    CH A P T E R 1-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 1 Prep aring to Inst all How the Cisco Security Agent Works The Cisco Security Agent pr ovides distrib uted security to your enterprise by deploying agen ts that defen d against the proliferation of attacks across networks and systems. These agents operate us i[...]

  • Seite 18

    Chapter 1 Preparing t o Install Cisco Security Agent Ov erview 1-2 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Cisco Security Agent Overview Cisco Security Agent contains two components: • The Manageme nt Center for C isco Secu ri ty Agents (C SA MC)- in st al ls on a secured se rver an d includes a web se rver , a co[...]

  • Seite 19

    1-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install Before Proceeding Before Proceeding Before installing CSA MC softwa re, refer to the Release Notes for up- to-date information. No t doing so can result in the misconf iguration of your system. Make sure that y our system is compatible wit h [...]

  • Seite 20

    Chapter 1 Preparing t o Install System Requirements 1-4 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Pager alerts require a Hayes Compatible Modem. • For opti mal vie wing of the CSA MC UI, you should set your display to a resolution of 1024 x768 or higher . • On a system where CSA MC has nev e r been installed, t[...]

  • Seite 21

    1-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install System Requirements T o run the Cisco Security Agent on Windo ws servers and desktop systems, the requirements are as follows: Ta b l e 1 - 2 A gent Requirements (Windo ws) Sy stem Component Requi remen t Processor Intel Pentium 200 MHz or hi[...]

  • Seite 22

    Chapter 1 Preparing t o Install System Requirements 1-6 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Hard Dri ve Space 50 MB or higher Note This includes program an d data. Network Ethern et or Dial up Note Maximum of 64 IP addr esses supported on a system. Sy stem Component Requirement[...]

  • Seite 23

    1-7 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Preparing to Install System Requirements T o run the Cisco Security Agent on your So laris server systems, the requirements are as follows: Ta b l e 1 -3 A gent Requirements (Solar is) Sy stem Component Requi remen t Processor UltraSP ARC 400 MHz or higher Note Un[...]

  • Seite 24

    Chapter 1 Preparing t o Install System Requirements 1-8 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Caution On Solaris systems running Cisco Security Agents, if you add a ne w type of Ethernet interface to the sy stem, you must reboot t hat system twice for the agent to detect it and apply rules to it accordingly . T o [...]

  • Seite 25

    1-9 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install Environment Requirements Caution When upgrading or changing operating systems, un install the agent f irst. When the ne w operating system is in place, you can install a new agent kit. Because the agent installation e xamines the operating sy[...]

  • Seite 26

    Chapter 1 Preparing t o Install Environment Requirements 1-10 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Y ou must ha v e cookies enabled. This means using a maximum sett ing of "medium" as your Internet security se tting . Locate this fea ture f rom the follo wing menu, T ools>Internet Options. Click t[...]

  • Seite 27

    1-11 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install Internationalization Support Windows Cluster Support Cisco Security Agent supports Netw ork Load Balancing and Serv er Cluster for W indows 2003 an d 2000 Serv er platforms. Cluster support m ay require certain network permission s to operat[...]

  • Seite 28

    Chapter 1 Preparing t o Install Internationalization Support 1-12 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Explanation of terms: Localized: Cisco Security Agent kits cont ain localized support for the languages identif ied in Ta b l e 1-5 . This support is automatic in e ach agent kit and no action is required b y the[...]

  • Seite 29

    1-13 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Preparing to Install Internationaliza tion Support Interface (MUI) supported languages, installs are always in Eng lish (Installshield does not support MUI), and the UI/dialogs are in English unless the desk top is Chinese (Simplified), French, German, It alian, [...]

  • Seite 30

    Chapter 1 Preparing t o Install Internationalization Support 1-14 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Ta b l e 1 -8 Windows XP Support Greek S NA NA Hebre w NS NA NA Hungarian SS NA Italian L L(S) NA Japanese L L(S) L(S) Ko r e a n L L(S) L(S) Norweg ian S NA NA Polish TT NA Portuguese SS NA Russia n SS NA Spanis[...]

  • Seite 31

    1-15 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install Internationalization Support Ta b l e 1 - 9 Windows 2003 Support Greek S S Hebre w NS NS Hungarian S S Italian L L(S) Japanese L L(S) Ko r e a n L L(S) Norweg ian S S Polish T T Portuguese S S Russia n S S Spanish L L(S) Swedish S S Tu r k i[...]

  • Seite 32

    Chapter 1 Preparing t o Install Internationalization Support 1-16 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 On non-localized b ut tested and supported language platform s, the administrator is responsible for polic y changes aris ing from direct ory naming v a riations between languages. If the pre vious operat ing sys[...]

  • Seite 33

    1-17 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Preparing to Install About CSA MC Figur e 1 -2 Diagnosis fo r Localized Ho st About CSA MC The CSA MC user interface installs as pa r t of t h e ove r a ll C i sco Security Agent solution inst allation. It is thr ough a web- based in terface that all securi ty po[...]

  • Seite 34

    Chapter 1 Preparing t o Install About CSA MC 1-18 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 1 -3 CSA MC, T op Lev el View[...]

  • Seite 35

    CH A P T E R 2-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 2 Deployment Planning Overview This section pro v ides information on deplo ying the product as part of pilot program and scaling the product to 100,000 agent deplo yments. This section contains the following topics: • Piloting the Pro duct, page 2-2 • Runn[...]

  • Seite 36

    Chapter 2 Dep loyment Planning Piloting the Product 2-2 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Piloting the Product Before deployin g Cisco Security Agents (CSA ) on a lar ge scale, it is critical that you run a manageable and modest initial p ilot of the product. Ev en in a CSA upgrade situation, a pilot p rogram i[...]

  • Seite 37

    2-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Scalable Deployments • How long should a pilot pr ogr am run? Basically , the deployin g and tuning of policies is an iterati ve process. Initiall y , you will ha ve a great deal of e vent log noise to parse. Y ou must examin e the data comin[...]

  • Seite 38

    Chapter 2 Dep loyment Planning Scalable Deployments 2-4 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Hardwar e Conf igurations: 1. Single processor Pent ium 4 (3Ghz+) with 2 GB RAM 2. Dual processor Xeon (2.5 Ghz+) with 4 GB RAM 3. Quad processor Xeon (2.5 Ghz+) wi th 8 GB RAM 4. Eight-W ay Xeon (2.5 Ghz+) w ith 8 GB RAM[...]

  • Seite 39

    2-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Scalable Deployments Software Considerations • CSA MC is only supported o n W indows 2003 R2 Standard an d Enterprise operating systems. Only Hardware C onf igurations 1 and 2 (referenced in pre vious tables) supp ort W indows 2003 R2 Standar[...]

  • Seite 40

    Chapter 2 Dep loyment Planning Scalable Deployments 2-6 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Factors in Network Sizing Y ou can use the follo wing data points for computing product network usage. The follo wing numbers a verage tasks based on the upper limit of a 100 ,000 agent deployment. Agent and Conf iguration[...]

  • Seite 41

    2-7 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Policy Tuning and Troubleshooting • Agent update (with CT A) (do wnstream): 16666.67 Kb/sec, durin g update timeframe As an example o f ho w you could compute netw ork load using the data points provided here, take 100,000 agents, each genera[...]

  • Seite 42

    Chapter 2 Dep loyment Planning Policy Tuning and Trou bleshooting 2-8 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Use the supplied groups and if neces sary define addi tional groups for eac h distinct desktop and server type in you r network. In your p ilot, you should hav e some participants that are using each desk[...]

  • Seite 43

    2-9 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Policy Tuning and Troubleshooting logging the beh avior of the rules used by members of th e Administrator group. Monitor policies can be used in cle ver ways to focus in on specif ic beha vior without interrup ting applications and services. ?[...]

  • Seite 44

    Chapter 2 Dep loyment Planning Policy Tuning and Trou bleshooting 2-10 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 understand the beha vior of the application, craft a polic y , place it i n test mode on the pilot machines, an d examine the e vent log. Use the techniques in the rest of this section to tune/troubleshoo t [...]

  • Seite 45

    2-11 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Policy Tuning and Troubleshooting If one of the rule modules wi thin a policy is n ot behavi ng as expected , you can place it in test mode wh ile still keeping the remaining rule modules in li ve mode. T o do this, select the Te s t M o d e c[...]

  • Seite 46

    Chapter 2 Dep loyment Planning Policy Tuning and Trou bleshooting 2-12 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Caching and Resetting Query Responses Rules can be configured with enforcement actions of allo w , deny , terminate, or query the user . In some cases, there are ru les that already query the user but do so [...]

  • Seite 47

    2-13 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Policy Tuning and Troubleshooting Setting Up Exception Rules In some cases, you need two or m ore different r ules to completely specify the desired actions to a specific e vent. For example, you could have one rule that denies all application[...]

  • Seite 48

    Chapter 2 Dep loyment Planning Policy Tuning and Trou bleshooting 2-14 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Whether you want the exceptio n rule base d on the appl ication specified in the e vent or whet her you want to base it on a ne w application class. After you click Finish in the wizard, the MC displ ays[...]

  • Seite 49

    CH A P T E R 3-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 3 Inst alling the Management Center for Cisco Security Agent s Overview This chapter pro vides instructions for installing CSA MC. Once you ha ve re vie wed the preliminary information outli ned in the pre vious chapter , you are ready to proceed. It is through[...]

  • Seite 50

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Licensing Information 3-2 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Installation Log, pag e 3-38 • Accessing Management Center f or Cisco Security Agents, page 3-39 • Migration Instruct ions, page 3-40 • Initiating Secure Co mmunications, p[...]

  • Seite 51

    3-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Installing V5 .2 and Migrat ing Configura t ions and Hosts from Previous Ve rsions Installing V5.2 and Migrating Configurations and Hosts from Previous Versions If you ha ve pre vious versions (V5.1, V5.0,[...]

  • Seite 52

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Installation and Migration Overview 3-4 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Scenario 2 - Migrating V5.1 to V5.2 - Separate Systems: Y ou can install V5.2 on a ne w machine and use the prov ided migration too ls to mov e V5.1 config urations[...]

  • Seite 53

    3-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Installation and Mig ration Overview Figur e 3-1 Supported Migration P aths The CSA MC V5.2 installation does not automatically upgrad e or ov erwrite the older installations. Ultimately , the migration pr[...]

  • Seite 54

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-6 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Dir ectory P aths P e r V ersion Cisco SystemsCSAMCCSAMC52 Cisco SystemsCSAMCCSAMC51 CSCOpxCSA MC50 Local and Remote DB Installation Overview Y ou must ha v[...]

  • Seite 55

    3-7 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Note If your plan is to use SQL Serv er 2005, it is recommended that you cho ose one of the other installatio n configur ation options rather t han the local datab[...]

  • Seite 56

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-8 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Using this conf iguration, you can deploy up to 100,000 agents. Ha ving two CSA MCs lets you use on e MC for host registration and pol ling and an other MC for e[...]

  • Seite 57

    3-9 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Step 1 Log on as a local Administ rator on your Micro soft Server W indo ws 2003 R2 Standard or Enterprise system. Step 2 Put the Management Center for Cisco Secur[...]

  • Seite 58

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-10 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-3 CSA MC EULA License Agr eement Step 5 The installati on check i f th e needed ports are available. Figur e 3-4 Installation P ort Chec k Step 6 The[...]

  • Seite 59

    3-11 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-5 Upgr ade Question Windo w Step 7 The install then be gins by promptin g you to select a database location. In this case, you will keep the default sel[...]

  • Seite 60

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-12 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Note For installat ions exceeding 1,0 00 agents, it is recommended that you install Microsoft SQL Serv er 2005 instead of using the Microsoft S QL Server Micro[...]

  • Seite 61

    3-13 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-8 SQL Server Installation Direct ory Selection SQL Server Ex press Edition installs .NET Frame work on the syst em and continues to perform conf igurati[...]

  • Seite 62

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-14 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-9 SQL Serv er Expr ess Edition Config uration Status Windo w Note When the Microsoft SQL Serv er Express Edition installat ion finishes, t he CSA MC [...]

  • Seite 63

    3-15 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-1 0 Enter A dministrator Name and P assword Step 11 Y ou are ne xt prompted to select whet her or not you w ant the system to automatically reboot once [...]

  • Seite 64

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-16 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-12 Begin Install The install then pr oceeds copying the necessary files to your sys tem. (See Figure 3-13 .). The installation process then continues[...]

  • Seite 65

    3-17 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-13 Copy Files[...]

  • Seite 66

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-18 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-14 Installation Proceeds Note When the CSA MC installation completes, an agent installa tion automaticall y begins. It is recommended that an ag ent [...]

  • Seite 67

    3-19 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Microsoft SQL Server 2005 and 2000 Local Installation Notes Note The follow ing instructions are only intended for administrat ors choosing to install CSA MC and [...]

  • Seite 68

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-20 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • In the Setup T yp e installation windo w , choose the Ty p i c a l radio bu tton and in the Destin ation Folder section, clic k the various Br owse b uttons[...]

  • Seite 69

    3-21 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Caution If you are installin g both CSA MC and the database to t he same machine with the provid ed Microsoft SQL Serv er Express database, y ou should install Mi[...]

  • Seite 70

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-22 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Caution Y ou must install a Cisco S ecurity Agent on this remote database. This agen t should be in the foll owing gro ups: Servers-SQL Serv er, Serv ers-All ty[...]

  • Seite 71

    3-23 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview • (SQL Server 2005 - only instruction) Right -click on the server name and vie w Properties. On the left side of the Properties panel, click Permissi ons. In th[...]

  • Seite 72

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-24 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Once this is configured, you can be gin the CSA MC instal lation. Before be ginning, e xit any other programs you ha v e running on the system where you are ins[...]

  • Seite 73

    3-25 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-15 CSA MC EULA License Agr eem ent Step 5 The installation asks if you are up grading from a V5.0 Management Center . In this case, click No to contin u[...]

  • Seite 74

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-26 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 • Name of the server • Name of the database • Login ID • Password Figur e 3-1 7 Remote D atabase Infor mation Step 7 Once you enter the databa se infor[...]

  • Seite 75

    3-27 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-18 Installation Dir ectory Step 9 Y ou are n ext prompted t o enter Administrator Name and Passw ord informat ion. This the user name and password you w[...]

  • Seite 76

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-28 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-19 Enter Ad ministrator Name and P a sswor d Y ou are n ext prompted t o select whether or not you w ant the system to automatically reboot once the [...]

  • Seite 77

    3-29 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-21 Begin Install The install then proceeds copying the necessary files to your system (see Figure 3-22 ).[...]

  • Seite 78

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-30 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-22 Copy Files Once the copying i s complete, the inst allation begi ns config uration and setup tasks. See Figure 3-23 .[...]

  • Seite 79

    3-31 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-23 Installation Proceeds Note When the CSA MC installation completes, an agent installa tion automaticall y begins. It is recommended th at an agent pro[...]

  • Seite 80

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-32 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Installing CSA MC with a Previous Version’s Database (Same System Installation) This section addresses the procedure for backing up and importing a 5.0 d atab[...]

  • Seite 81

    3-33 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-24 CSA MC Installa tion Welcome Scr een Step 5 After you click Ne xt in the welcome screen, various system checks are performed before the system instal[...]

  • Seite 82

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-34 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-25 CSA MC EULA License Agr eem ent Step 7 The installation asks if you are up grading from a V5.0 Management Center . In this case, click Ye s to con[...]

  • Seite 83

    3-35 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-27 Select V5.0 D atabase T ype Step 9 If you select Local Database, you are n ext ask ed to browse to the loca tion of the backed-up V5.0 database. Once[...]

  • Seite 84

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-36 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-28 Br owse t o Back ed-up V5.0 Database Step 10 Once the V 5.0 local or remote dat abase is locate d, the instal lation will p roceed to install CSA [...]

  • Seite 85

    3-37 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-29 User name and Passw ord Creation for V5.1 From here, you can continue b y follo w ing the procedures detailed in Installing CSA MC with a Local Datab[...]

  • Seite 86

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-38 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Caution When installing two CSA MCs, t he first MC you install automatically becomes the polling and loggin g MC. The second MC acts as the conf iguration MC. D[...]

  • Seite 87

    3-39 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents When the installation has completed and you’ ve rebooted the system, a Management Center for C[...]

  • Seite 88

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents 3-40 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-30 CSA MC Login W indow Migration Instructions The follo wing section con tains information for migrating to CSA MC V5.2 fro m a pre vious[...]

  • Seite 89

    3-41 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Step 1 Install the Management Center for Cisc o Security Agents V5. 2. See pre vious sections for instructi ons. • If you’ re installing CSA MC V5[...]

  • Seite 90

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Accessing Management Center for Cisco Security Ag ents 3-42 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Step 5 Next you copy the migration_data_ export.xml and all the migration_host_data<number>.dat f iles from the V5.x or V4.x system to your V5[...]

  • Seite 91

    3-43 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Note Agent kits are configuration items that do not migrate to th e new v ersion. Because host migration does not relate to agent k its, old agents ki[...]

  • Seite 92

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Initiating Secure Communications 3-44 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Upgrade Note Newer v e rsions of policies are not automatically attached to the auto-enrollment groups during upgr ade. If you want to upd ate the mandatory po licies, yo[...]

  • Seite 93

    3-45 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Initiating Se cure Communicati ons Figur e 3-31 Certificat e Infor mation[...]

  • Seite 94

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Initiating Secure Communications 3-46 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Step 4 The first Certif icate Manage r Import pa ge contains an overvie w of ce rtificate information. Click Next to continu e. Step 5 From the Select a Certif icate Sto[...]

  • Seite 95

    3-47 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Initiating Se cure Communicati ons Step 6 Y ou’ ve no w imported your certif icate for the serv er . Click the Finish button ( Figure 3-33 ) to continue. Figur e 3-33 Certificat e Wizard Finish P age[...]

  • Seite 96

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Internet Explorer 7.0: Importing th e Root Certificate 3-48 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Step 7 Now , you must save the certif icate. Click the Ye s but ton in the Root Certif icate Store box. Step 8 Y ou are n ext prompted w ith a conf [...]

  • Seite 97

    3-49 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Uninstalling Management Center fo r Cisco Security Agents Figur e 3-34 Inter net Explorer 7 .0 Certificat e Screen Uninstalling Management Center for Cisco Security Agents Uninstall the CSA MC software as[...]

  • Seite 98

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Copying Cisco Trust Agent Installer Files 3-50 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Note Uninstalling CSA MC does not uninst all the Microsoft SQL Serv er Desktop Engine (database). Y ou m ust uninstall this separately from the Control P anel>[...]

  • Seite 99

    3-51 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Copying Cisco Trust A gent Installer Files double-click the CtaAdminEx- xxx-xxx**.e xe f ile and agree to the EULA (license) to e xtract the ctasetup-xxx-xx x.msi file. It is this msi f ile that you copy [...]

  • Seite 100

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Copying Cisco Trust Agent Installer Files 3-52 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01[...]

  • Seite 101

    CH A P T E R 4-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 4 Quick S t art Configuration Overview This chapter pro vides the basic setup information you need to start using the Management Center for Ci sco Security Agents to conf igure some preliminary groups and b uild agent kits. The goal of this chapter is to help y[...]

  • Seite 102

    Chapter 4 Quick Start Config uration Access Management Cent er for Cisco Security Ag ents 4-2 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Config ure a Rule Module, page 4-1 2 • Config ure a Policy , page 4-18 • Attach a Rule Module to a Polic y , page 4-19 • Attach a Policy to a Group, page 4- 19 • Generate R[...]

  • Seite 103

    4-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Access Management Center fo r Cisco Security Agents Administrator Roles in CSA MC Administrators can ha ve dif ferent le vels of CSA MC d atabase access pri vileges. The initial administrator cr eated b y the CSA MC insta llati on aut oma[...]

  • Seite 104

    Chapter 4 Quick Start Config uration Cisco Security Agent Policies 4-4 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Cisco Security Agent Policies CSA MC default Cisco Secu rity Agent kits, groups, policies, and co nfigu ration v ariables are designed to provi de a high lev el of security coverage for deskt ops and servers[...]

  • Seite 105

    4-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Group Configure a Group Host groups reduce the admini strati ve b u rden of ma naging a large number of agents. Grouping hosts t ogether also lets you apply th e same policy to a number of hosts. A group is the only element re[...]

  • Seite 106

    Chapter 4 Quick Start Config uration Configure a Gro up 4-6 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 4-1 Gr oup Configuration V iew Step 4 Cisco suggests that you select the Te s t M o d e checkbox (av ailable from the Rule overrides section) for this group. In T est Mode, the po licy we will lat er apply to [...]

  • Seite 107

    4-7 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Build an Agent Kit Build an Agent Kit Note The Manageme nt Center for C isco Security Age nts ships with preconfigured agent kits you can use to download and in stall agents if the y meet your initial needs (accessible from System>Agen[...]

  • Seite 108

    Chapter 4 Quick Start Config uration Build an Agent Kit 4-8 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 T o create a Cisco Security Agent kit, d o the follo wing. Step 1 Move the mouse o ver Systems in the menu bar and select Ag ent Kits from the drop-do wn menu that appears. The agen t kit list vie w displays the precon[...]

  • Seite 109

    4-9 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Build an Agent Kit Figur e 4-2 Creat e Agent Kit Once you click the Mak e Kit b utton and generat e ru les, CSA MC p roduces a kit for distrib ution (see Figure 4-3 ). Y ou m ay distrib ute the kit do wnload URL, via email for e xample, t[...]

  • Seite 110

    Chapter 4 Quick Start Config uration Build an Agent Kit 4-10 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Note Note that the Re gistration Control feature also applies to the https://<sy stem name>/csamc52/kits URL. If th e Registration Control feature (see the User Guide for details on the feature) prevents your I[...]

  • Seite 111

    4-11 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Build an Agent Kit The Cisco Security Agent • Users must hav e administrator pri vile ges on their sy stems to install the Cisco Security Agent software. • The Cisco Security A gent installs on supported Wi ndows, Linux, and Solaris [...]

  • Seite 112

    Chapter 4 Quick Start Config uration View Registered Hosts 4-12 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 View Registered Hosts From CSA MC, you can see which hosts ha ve successfully re gistered b y accessing Hosts from the Systems link in the menu bar . This take s you to the Hosts list page. On t he right side of th[...]

  • Seite 113

    4-13 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Ru le Module This quarantine list u pdates automatically (dynamically) as logged quarantined files are recei ved. Y ou can use a file acce ss control rule to permanently qu arantine a kno wn virus as sho wn in this examp le. [...]

  • Seite 114

    Chapter 4 Quick Start Config uration Configure a Rule Mo dule 4-14 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 4-5 Rule Module Cr eation View Create a File Ac cess Control Rule Step 1 From the Rule Module configurati on page ( Figure 4-5 ), click the Modify rules link at the top o f the page. Y ou are no w on th[...]

  • Seite 115

    4-15 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Ru le Module Figur e 4-6 Add Rules to Module Step 4 In the File access control ru le configuration vie w (see Figure 4-7 ), enter the follo wing information: • Description —Quarantined a nd Suspected V iru s Applications,[...]

  • Seite 116

    Chapter 4 Quick Start Config uration Configure a Rule Mo dule 4-16 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Step 6 Select the Log checkbox. This means that the system action in que stion is l ogged and se nt to the server . Generally , you will want to turn logging on for all den y rules so you can mo nitor e vent act[...]

  • Seite 117

    4-17 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Ru le Module Figur e 4-7 File A ccess Contro l Rule[...]

  • Seite 118

    Chapter 4 Quick Start Config uration Configure a Policy 4-18 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Configure a Policy Generally , when you configure a poli cy , you are co mbining multiple rule modules under a common name. That polic y name is th en attach ed to a grou p of hosts an d it uses the rules that compris[...]

  • Seite 119

    4-19 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Policy Attach a Rule Module to a Policy T o apply our configured email quarantine rule module to the p olicy we’ ve created, do the following. Step 1 From Policy edit view , click the Modify rule module associations link. T[...]

  • Seite 120

    Chapter 4 Quick Start Config uration Configure a Policy 4-20 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 4-8 Att ach P olicy to Group Generate Rule Programs No w that we’ ve conf igured our policy and attached it to a group , we’ll ne xt distrib ute the polic y to the agents that are part of the group. W e d[...]

  • Seite 121

    4-21 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Policy Figur e 4-9 Gen erat e Rule Prog ram s Y ou can ensure that agents hav e received this polic y by clicking Hosts (accessible from Systems in the men u bar) and viewing the individual host status views. Click the Refres[...]

  • Seite 122

    Chapter 4 Quick Start Config uration Configure a Policy 4-22 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Refer to the User Guide to read about the conf iguration tasks described here in more detail.[...]

  • Seite 123

    A-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 APPENDIX A Cisco Security Agent Inst allation and Overview Overview This chapte r de s cr ibes the Cisc o Se cu rity Agent and pro vides information on the agent user interface. It al so includes installation i nformation for W indo ws, Linux, and Solaris agents. (This inf [...]

  • Seite 124

    Appendix A Cisco Security Agent Installation an d Overview Downloading an d Installing A-2 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Downloading and Installing Once you bu ild an agent kit on CSA MC, you deli ver the generated URL, via email for exam ple, to end users so that the y can download and instal l the Cisco S[...]

  • Seite 125

    A-3 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix A Cisco Security Agent Installation and Overview Downloading and Installin g Figur e A -1 Optional Ag ent Reboot If a system is no t rebooted follo wing the agent installation, the fol lowi ng functionality is not immediately a vailable. (This functionali ty becomes[...]

  • Seite 126

    Appendix A Cisco Security Agent Installation an d Overview Downloading an d Installing A-4 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 After installation, the agent au tomatically and tran sparently re gisters with CSA MC. Y ou can see which hosts ha ve successfully registered b y clicking the Host s link a v ailable fro[...]

  • Seite 127

    A-5 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix A Cisco Security Agent Installation and Overview Downloading and Installin g • Allow user to modify agent security settings —Sel ecting this checkbox in the Agent UI control rule pro vides System Security and Untrusted Applications feat ures. • Allow user to m[...]

  • Seite 128

    Appendix A Cisco Security Agent Installation an d Overview Installing the Solaris Agent A-6 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Installing the Solaris Agent This section details t he commands you enter and the subsequent o utput that is displayed when you inst all the Cisco Security Agent on Solaris systems. Note[...]

  • Seite 129

    A-7 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix A Cisco Security Agent Installation and Overview Installing the Solaris Agent Step 5 Answer yes (y) to continu e the installation. This package contains scripts which will be executed with super-user permission during the process of installing this package. Do you w[...]

  • Seite 130

    Appendix A Cisco Security Agent Installation an d Overview Installing the Linux Age nt A-8 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Caution If you are upgr ading the Solaris agent and you encount er the follo wing error , "There is already an instance of the package and you cannot install due to administrator rul[...]

  • Seite 131

    A-9 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix A Cisco Security Agent Installation and Overview Installing the Linux Agent Step 2 Untar the file. $ cd /tmp $ tar xvf CSA-Server_V5.2.0.218-lin-setup-1a96 9c667ddb0a2d2a8da3e7959 a30b2.tar Step 3 cd to CSCOcsa directory wher e the rpm package is located. $ cd /tmp/[...]

  • Seite 132

    Appendix A Cisco Security Agent Installation an d Overview Installing the Linux Age nt A-10 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Caution On Linux systems, if yo u upgrade the k ernel versio n or boot a dif ferent kernel versio n than the initial v ersion where the agent wa s installed, you must uninstall and reins[...]

  • Seite 133

    B-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 APPENDIX B Third Party Copyright Notices Cisco Security Agent utilizes third party softw are from v arious sources. Portions of this softwar e are copyrighted b y their respecti ve o wners as indicated in the copyright notices be low . OPENSSL [version 0.9.7L] Copyright (c)[...]

  • Seite 134

    Appendix B Third Party Copy right Notices B-2 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 6. Redistrib utions of any form what soe ver must retain the fol lowing ackno wledgment: "This product includes so ftware d e v elo ped b y the OpenSSL Pr oject for use in the OpenSSL T oolkit (http://www .openssl.or g/)" [...]

  • Seite 135

    B-3 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices Copyright remain s Eric Y oung’ s, and as su ch any Co pyright notices i n the code are not to be remov ed. If this package is used in a product, Eric Y oung should be gi v e n attrib ution as the author of the parts of th e librar[...]

  • Seite 136

    Appendix B Third Party Copy right Notices B-4 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 A pache [version 2.0.59], Xerc es 2.7 and AxisCpp 1.6 Copyright © 2000-2005 The Apache Softwa re Foundation. All rights re served. Apache Lice nse V ersion 2.0, January 2004 http://www .apache.or g/licenses/ TERMS AND CONDITION S F[...]

  • Seite 137

    B-5 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices whole, an original work of authorship . For the purposes o f this License, Deri v ativ e W orks shall not includ e wo rks that remain separable from, or merely link (or bind b y name) to the interf aces of, the W ork and Deriv ative [...]

  • Seite 138

    Appendix B Third Party Copy right Notices B-6 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 contrib utory patent infringement, then an y patent licenses granted to Y ou under this License for that W ork sh all terminate as of the date such litigation is f iled. 4. Redistrib ution. Y ou may reproduce and distrib ute copies [...]

  • Seite 139

    B-7 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices without an y additional terms or cond itions. Notwit hstanding the abo ve, nothing herein sh all supersede or modify the terms o f any separate license agreement you may ha ve ex ecuted with Licensor re garding such Contrib utions. 6[...]

  • Seite 140

    Appendix B Third Party Copy right Notices B-8 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 TCL license This software is cop yrighted by the Re ge nts of the Univ ersity of California, Sun Microsystems , Inc., Scriptics Corpo ration, and other parti es. The following terms apply to all f iles associated with the softw are [...]

  • Seite 141

    B-9 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices foregoin g, the authors grant th e U.S. Gov ernment and others actin g in its behalf permission to use and distrib ute the software in accordance with the terms specified in this license. Perl Copyright 1987 -2005, Larry W all Perl m[...]

  • Seite 142

    Appendix B Third Party Copy right Notices B-10 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 IN CONTRA CT , STRICT LI ABILITY , OR TOR T (INCLUDI NG NEGLIGENCE OR OTHER WISE) ARISING IN ANY W A Y OUT OF THE USE OF THIS SOFTW ARE, EVEN IF AD VISED OF THE POSSIBILITY OF SUCH DA M AG E . CMU-SNMP Libraries This product contai[...]

  • Seite 143

    B-11 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices licensing terms described here. If modif ications to this Software and Documentation ha ve new licensin g terms, the new te rms must be clearly indicated on the f irst page of each f ile where they ap ply . OPEN MARKET MAKES NO EXPR[...]

  • Seite 144

    Appendix B Third Party Copy right Notices B-12 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 THE SOFTW ARE IS PR O VIDED "AS IS", WITHOUT W ARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NO T LIMITED TO THE W ARRANTIES OF MERC HANT ABILITY , FITNESS FOR A P AR TICULAR PURPOSE AND NONINFRIN GEMENT OF THIRD[...]

  • Seite 145

    B-13 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices a. Installation and Use. Y o u may install and use an y number of copies of the software on your de vices. b. Included Microsoft Programs. The software con tains oth er Microsoft programs. These license terms apply to your use of th[...]

  • Seite 146

    Appendix B Third Party Copy right Notices B-14 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 • include Distribu table Code in malicious, decepti ve or unla wful programs; or • modify or distrib ute the source code of any Distrib u table Code so that any part of i t becomes subject to an Excluded Licen se. An Excluded L[...]

  • Seite 147

    B-15 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices 7. TRANSFER TO A THIRD P AR TY . The first user of the software may transfer it and this agreemen t directly to a third party . Before the transfer , that party must agree t hat this agreement applies to the transfer and use of the [...]

  • Seite 148

    Appendix B Third Party Copy right Notices B-16 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 MICR OSOFT EXCLUDES THE IMPLIED W ARRANTIES OF MERCHANT ABILITY , FITNESS FOR A P AR TICULAR PURPOSE AND NON-INFRINGEMENT . 14. LIMIT A TION ON AND EXCLUSION OF REMEDIES AND D AMAGES. Y OU CAN RECO VER FR OM MICR OSOFT AND ITS SUPP[...]

  • Seite 149

    B-17 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices By using this supplemen t, you accept these terms. If you do n ot accept them, do not use thi s supplem ent. If you comply wi th these li cense te rms, you h av e the rights belo w . 1. SUPPOR T SER VICE S FOR SUPPLEMENT . Microsoft[...]

  • Seite 150

    Appendix B Third Party Copy right Notices B-18 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 the right to disclose the results of benchmark tests it conducts of your products that comp ete with the .NET Componen t, provided i t complies with the same conditions abo ve. MarshallSoft Computing SMTP/POP3 Email Engine License [...]

  • Seite 151

    B-19 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices Everyone is permi tted to copy and distri bute v erbatim copies of this license document, b ut changing it is not allo wed. [This is the fir st released version o f the Lesser GPL. It also counts as the successor of the GNU Library [...]

  • Seite 152

    Appendix B Third Party Copy right Notices B-20 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 T o protec t each distributor , we want to ma ke it v ery clear that there is no warranty for the free libr ary . Also, if the library i s modifi ed by someone el se and passed on, the recipients should know that what they hav e is[...]

  • Seite 153

    B-21 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices In other cases, permission to use a partic ular library in non -free programs enables a greater number of people to use a large body of free software. F o r example, permission to use the GNU C Libr ary in non-free programs enables [...]

  • Seite 154

    Appendix B Third Party Copy right Notices B-22 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Acti vities other than cop ying, distrib ution and modif ication are not covered b y this License; they are outsid e its scope. The act of running a program using the Library is not restricted , and output from such a program is co[...]

  • Seite 155

    B-23 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices These requirements apply to the m odifi ed work as a whole. I f identif iable sections of that wo rk are not deri ved from the Library , and can be reasonably considered independent and separate work s in themselves, then this Licen[...]

  • Seite 156

    Appendix B Third Party Copy right Notices B-24 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 5. A program that con tains no deri vati ve of an y portion of the Library , but is designed to w ork with the Libr ary b y being compiled or link ed wit h it, is called a "work that uses the Library". Such a work , in is[...]

  • Seite 157

    B-25 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices ex ecutable linked wi th the Library , with the c omplete mach ine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to pr oduce a modif ied e[...]

  • Seite 158

    Appendix B Third Party Copy right Notices B-26 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 a) Accompany the comb ined library with a copy of the same work based on the Library , uncombined with an y other library facilities. This must be distrib uted under the terms of the Sections ab ov e. b) Giv e prominent notice with[...]

  • Seite 159

    B-27 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices It is not the purpose of this sect ion to induce you to infr inge any patents or ot her property right claims or to con test vali dity of any such claims; this section has the sole purpose of protecti ng the integrit y of the free s[...]

  • Seite 160

    Appendix B Third Party Copy right Notices B-28 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 THE COPYRIGHT HOLDERS AND/OR O THER P AR TIES PR O VIDE THE LIBRAR Y "AS IS" WITH OUT W ARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NO T LIMITED TO, THE IMPLIED W ARRANTIES O F MERCHANT ABILITY AND FI[...]

  • Seite 161

    B-29 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices This library is free software; you can re distrib ute it and/or modify it under the terms of the GNU Lesser General Public Licen se as published b y the Free Software F oundation; either v ersion 2.1 of the License, o r (at your opt[...]

  • Seite 162

    Appendix B Third Party Copy right Notices B-30 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 1.4. "Electronic Distrib ution Mechanism" means a mechanism generally accepted in the software dev e lopment community for the electronic transfer of data. 1.5. "Exe cu table" means Cov ered Code in any form oth[...]

  • Seite 163

    B-31 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices 1.12. "Y ou" (or "Y our") means an individual o r a legal en tity ex ercising rights under , and complying with all of the terms of, this License or a future version of this License issued under Section 6.1. F or[...]

  • Seite 164

    Appendix B Third Party Copy right Notices B-32 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 (b) under P atent Claims infringed by the maki ng, using, or selling of Modifi cations made b y that Contrib utor either al one and/or in combination with its Co ntrib utor V ersion (or por tions of such combination), to mak e, use[...]

  • Seite 165

    B-33 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices av ailable to such recipients. Y ou are re sponsible for ensuring that the Source Code version remains a vailable e v en if the El ectronic Dist rib ution Mechanism is maintained b y a third party . 3.3. Description of Mo dification[...]

  • Seite 166

    Appendix B Third Party Copy right Notices B-34 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 also duplicate this License in any do cumentation for the Source Code where Y ou describe recipients' r ights o r o wne rship rights relating to Co v ered Code. Y ou may choose t o of fer , and to charge a fee for , warranty ,[...]

  • Seite 167

    B-35 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices affect. Su ch description must be included i n the LEGAL file describ ed in Section 3.4 and must be includ ed with all distrib utions of the Source Code. Except to the e xtent prohibited by statute or regulation, such descriptio n m[...]

  • Seite 168

    Appendix B Third Party Copy right Notices B-36 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 MERCHANT ABLE, FIT FOR A P AR TICULAR PURPOSE OR NON-INFRINGING. THE ENTIR E RISK AS TO THE QU ALITY AND PERFORMANCE OF THE C O VERED CODE IS WITH Y OU. SHOULD ANY CO VERED CODE PR O VE DEFECTIVE IN ANY RESPECT , YOU (NO T THE INIT[...]

  • Seite 169

    B-37 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices 8.3. If Y ou assert a patent infringement claim against Participant alle ging that such Parti cipant's Contribut or V ersion directly or indirectly i nfringes any patent wher e such claim is resolved (such as by license or se t[...]

  • Seite 170

    Appendix B Third Party Copy right Notices B-38 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 This License represents the complete agreement concerning subje ct matter hereof. If any pro vision of this License is held to be unenforceable, such provision sh all be reformed only to the e xtent necessary to make it enforceable[...]

  • Seite 171

    B-39 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices The Initial De veloper of the Original Code is ____ ________________ ____. Portions created b y ______________________ are Cop yright (C) ______ ____________ ___________. All Righ ts Reserved. Contrib utor(s): __ ________________ __[...]

  • Seite 172

    Appendix B Third Party Copy right Notices B-40 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 provid ed to you b y Sun under t his Agreement. "Programs" mean Ja v a applets and applications intended to run o n the Jav a Platform, Standard Edition (Ja v a SE) on Jav a-enabled general purpose desktop com puters and [...]

  • Seite 173

    B-41 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices 6. LIMIT A TION OF LIABILITY . TO THE EXTENT NO T PROHIBITED BY LA W , IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PR OFIT OR DA T A , OR FOR SPECIAL, INDIRECT , CONSEQUENTIAL, INC IDENT AL OR PUNITIVE D AM[...]

  • Seite 174

    Appendix B Third Party Copy right Notices B-42 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 in accordance with 48 CFR 227.7201 through 2 27.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.21 2 (for non-DOD acquisitions). 11. GO VERNING LA W . Any action related t o this Agreement will be[...]

  • Seite 175

    B-43 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices you distrib ute the Software complete and unmodif ied and only bundled as part of, and for the sole purpose of runni ng, your Programs, (ii) the Progr ams add signif icant and primary functional ity to the Softwa re, (iii) you do no[...]

  • Seite 176

    Appendix B Third Party Copy right Notices B-44 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01[...]

  • Seite 177

    IN-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 INDEX A Active hosts 4-12 Add rule 4-14 Administrator local or LDA P authent ication 4-3 roles 4-3 Agent kits 4-7 optional reboot after install A-3 registration 4-7 user interface A-4 Agent (Linux) installing A-8 Agent (Solaris) installing A-6 migrating from V4.x 3-43 Agen[...]

  • Seite 178

    Index IN-2 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 D Deployment overview 1-2 Detailed de scriptio n 4-4 Distributed configu ration 3-38 DNS environment s 1-9 F File access control rule 4-14 FireFox version support 1-10 Force reboot after inst all 4-8 G Generate rules 4-20 Generating confi gurations 4-20 Group configu[...]

  • Seite 179

    IN-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Index Windows XP 1-14 Internet Explorer version support 1-9 L Licensing import infor mation 3-18, 3-31 Licensing information 3-2 Local database install 3-6 Log installati on 3-38 Login locally 3-39 remotely 3-39 M Make kit 4-8 Migrate to CSA MC, new version 3-40 migration_[...]

  • Seite 180

    Index IN-4 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Q Quick start setup 4-1 R Reboot opti onal agent A-2, A-3 Registered hosts view 4-12 Remote access 3-39, 4-2 Remote database install 3-7 Requirements agent 1-5 cluster support 1-11 DNS and WINS 1-9 port availa bility 1-10 server 1-3 time and date settings 1-10 web br[...]

  • Seite 181

    IN-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Index remote db and CSA MC system 3-21 Two servers 2-3 U Uninstall CSA MC 3-49 UNIX agent i nstall directo ry A-7 Upgrade n aming conven tions 3-42 V Verbose logging mode 4-6 Version labels 3-42 W Web-based user interface 1-2, 1-17 Web browser requirements 1-9 Windows Clus[...]

  • Seite 182

    Index IN-6 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01[...]