Cisco Systems DOC-78-17916 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Cisco Systems DOC-78-17916, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Cisco Systems DOC-78-17916 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Cisco Systems DOC-78-17916. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Cisco Systems DOC-78-17916 should contain:
- informations concerning technical data of Cisco Systems DOC-78-17916
- name of the manufacturer and a year of construction of the Cisco Systems DOC-78-17916 item
- rules of operation, control and maintenance of the Cisco Systems DOC-78-17916 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Cisco Systems DOC-78-17916 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Cisco Systems DOC-78-17916, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Cisco Systems service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Cisco Systems DOC-78-17916.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Cisco Systems DOC-78-17916 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Installing Management Center f or Cisco S ecurity A gents 5.2 Customer Order Number: DO C-78-17916[...]

  • Page 2

    THE SPECIFICA TIONS AND IN FORMA TION REGARDING THE PRODUCTS IN THIS MAN UAL ARE SUBJECT TO CHANGE WIT HOUT NO TICE. ALL ST A TEMENTS, INFORMA TION, AND RECOMMEND A TION S IN THIS MANU AL ARE BELIEVED TO BE A CCURA TE BU T ARE PRESENTED WITHOUT W ARRANTY OF ANY KIND, EX PRESS O R IMPL IED. USE RS MU ST T AKE FU LL RESPON SIBILITY FOR THEIR APPLICA [...]

  • Page 3

    i Book Title 78-17916-01 CONTENTS Preface v Audience 1-v Conventi ons 1-vi Obtaining Documentation 1-vii Cisco.com 1-vii Product Documentation DVD 1-vii Ordering Documentation 1-viii Documentation Feedback 1-viii Cisco Product Security Overview 1-viii Reporting Security Problems in Cisco Prod ucts 1-ix Product Alerts and Field Notices 1-x Obtaining[...]

  • Page 4

    Contents ii Book Title 78-17916-01 DNS and WINS Environments 1-9 Browser Requirements 1-9 Time and Date Req uirements 1-10 Port Availability 1-10 Windows Cluster Support 1-11 Internationalization Support 1-11 Internationalization Support Tables 1-12 About CSA MC 1-17 CHAPTER 2 Deployment Planning 2-1 Overview 2-1 Piloting the Product 2-2 Running a [...]

  • Page 5

    iii Book Title 78-17916-01 Contents Licensing Information 3-2 Installing V5.2 and Migrating Co nfigurations and Hosts from Previous Versions 3-3 Installation and Migration Overview 3-3 Local and Remote DB Installation Overview 3-6 Installing CSA MC with a Local Database 3-8 Installing CSA MC with a Remote Database 3-21 Installing CSA MC with a Prev[...]

  • Page 6

    Contents iv Book Title 78-17916-01 Configure a Policy 4-18 Attach a Ru le Module to a Policy 4-19 Attach a Policy to a Group 4-19 Generate Rule Programs 4-20 APPENDIX A Cisco Security Agent In st allation and Overview A-1 Overview A-1 Downloading and Installing A-2 The Cisco Security Agent User Interface A-4 Installing the Solaris Agent A-6 Install[...]

  • Page 7

    v Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface This manual de scribes how to configure the Manageme nt Center for Cisc o Security Agents on Microsoft W indo ws 2003 operating systems and the Cisco Security Agent on supported Micro soft W indo ws 2003, Microsoft W indo ws XP , Microsoft W indows 2000, Microsoft W i[...]

  • Page 8

    Preface Conventions vi Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Conventions This manual uses the following con ventions. Convention Purpose Example Bold text User interface field names and menu options. Click the Gr oups opti on. The Groups edit pag e appears. Italicized text Used t o emphasize text. Yo u m u s t sav[...]

  • Page 9

    vii Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface Obtaining Documentation Obtaining Documentation Cisco documentation and additi onal litera ture are a v ailable on Cisco.com. This section e xplains the product do cumentation resources that Cisco o ffers. Cisco.com Y ou can access the most current Ci sco documentat[...]

  • Page 10

    Preface Documentation Feedba ck viii Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Ordering Documentation Y ou must be a registered Ci sco.com user to access Cisco Marketplace. Registered users may order Cisco d ocumentation at t he Product Documentat ion Store at t his URL: http://www .cisco.com/go/marketplace/docsto re I[...]

  • Page 11

    ix Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface Cisco Product Security O verview T o se e security advisories, security notices, and securi ty responses as they are updated in real ti me, you can subscribe t o the Product Security Inci dent Response T eam Really Simple Syndicat ion (PSIR T RSS) feed. Information a[...]

  • Page 12

    Preface Product Alerts and Field No tices x Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 If you do not ha ve or use PGP , contact PSIR T to find other means of encry pting the data before sending any sensiti ve material. Product Alerts and Field Notices Modifi cations to or updates abou t Ci sco products are annou nced in[...]

  • Page 13

    xi Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface Obtaining Techn ical Assistance Access to all tools on the Cisco Support website requires a Cisco.com user ID and password. If you ha ve a v alid service contract b ut do not hav e a user ID or password, you can re gister at this URL: http://tools.cisco.com/RPF/ regi[...]

  • Page 14

    Preface Obtaining Technical Assistance xii Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 solutions. If yo ur issue is not resolv ed using the recommended resources, your service request is assigned to a Cisco engineer . The T A C Service Request T ool is located at t his URL: http://www .cisco.com/techsupport/ servicereque[...]

  • Page 15

    xiii Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface Obtaining Additional Public ations and Information Obtaining Additional Publications and Information Information ab out Cisco products, tech nologies, and netw ork solutions is av ailable from v a rious online and printed sources. • The Cisco Online Subscription [...]

  • Page 16

    Preface Obtaining Additional Publ ications and Information xiv Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Networking Prof essionals Connection is an interacti ve website where networking pro fessionals share questions, sug gestions, and information about network ing products and techn ologies with Cisco e xperts and[...]

  • Page 17

    CH A P T E R 1-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 1 Prep aring to Inst all How the Cisco Security Agent Works The Cisco Security Agent pr ovides distrib uted security to your enterprise by deploying agen ts that defen d against the proliferation of attacks across networks and systems. These agents operate us i[...]

  • Page 18

    Chapter 1 Preparing t o Install Cisco Security Agent Ov erview 1-2 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Cisco Security Agent Overview Cisco Security Agent contains two components: • The Manageme nt Center for C isco Secu ri ty Agents (C SA MC)- in st al ls on a secured se rver an d includes a web se rver , a co[...]

  • Page 19

    1-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install Before Proceeding Before Proceeding Before installing CSA MC softwa re, refer to the Release Notes for up- to-date information. No t doing so can result in the misconf iguration of your system. Make sure that y our system is compatible wit h [...]

  • Page 20

    Chapter 1 Preparing t o Install System Requirements 1-4 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Pager alerts require a Hayes Compatible Modem. • For opti mal vie wing of the CSA MC UI, you should set your display to a resolution of 1024 x768 or higher . • On a system where CSA MC has nev e r been installed, t[...]

  • Page 21

    1-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install System Requirements T o run the Cisco Security Agent on Windo ws servers and desktop systems, the requirements are as follows: Ta b l e 1 - 2 A gent Requirements (Windo ws) Sy stem Component Requi remen t Processor Intel Pentium 200 MHz or hi[...]

  • Page 22

    Chapter 1 Preparing t o Install System Requirements 1-6 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Hard Dri ve Space 50 MB or higher Note This includes program an d data. Network Ethern et or Dial up Note Maximum of 64 IP addr esses supported on a system. Sy stem Component Requirement[...]

  • Page 23

    1-7 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Preparing to Install System Requirements T o run the Cisco Security Agent on your So laris server systems, the requirements are as follows: Ta b l e 1 -3 A gent Requirements (Solar is) Sy stem Component Requi remen t Processor UltraSP ARC 400 MHz or higher Note Un[...]

  • Page 24

    Chapter 1 Preparing t o Install System Requirements 1-8 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Caution On Solaris systems running Cisco Security Agents, if you add a ne w type of Ethernet interface to the sy stem, you must reboot t hat system twice for the agent to detect it and apply rules to it accordingly . T o [...]

  • Page 25

    1-9 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install Environment Requirements Caution When upgrading or changing operating systems, un install the agent f irst. When the ne w operating system is in place, you can install a new agent kit. Because the agent installation e xamines the operating sy[...]

  • Page 26

    Chapter 1 Preparing t o Install Environment Requirements 1-10 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Y ou must ha v e cookies enabled. This means using a maximum sett ing of "medium" as your Internet security se tting . Locate this fea ture f rom the follo wing menu, T ools>Internet Options. Click t[...]

  • Page 27

    1-11 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install Internationalization Support Windows Cluster Support Cisco Security Agent supports Netw ork Load Balancing and Serv er Cluster for W indows 2003 an d 2000 Serv er platforms. Cluster support m ay require certain network permission s to operat[...]

  • Page 28

    Chapter 1 Preparing t o Install Internationalization Support 1-12 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Explanation of terms: Localized: Cisco Security Agent kits cont ain localized support for the languages identif ied in Ta b l e 1-5 . This support is automatic in e ach agent kit and no action is required b y the[...]

  • Page 29

    1-13 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Preparing to Install Internationaliza tion Support Interface (MUI) supported languages, installs are always in Eng lish (Installshield does not support MUI), and the UI/dialogs are in English unless the desk top is Chinese (Simplified), French, German, It alian, [...]

  • Page 30

    Chapter 1 Preparing t o Install Internationalization Support 1-14 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Ta b l e 1 -8 Windows XP Support Greek S NA NA Hebre w NS NA NA Hungarian SS NA Italian L L(S) NA Japanese L L(S) L(S) Ko r e a n L L(S) L(S) Norweg ian S NA NA Polish TT NA Portuguese SS NA Russia n SS NA Spanis[...]

  • Page 31

    1-15 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install Internationalization Support Ta b l e 1 - 9 Windows 2003 Support Greek S S Hebre w NS NS Hungarian S S Italian L L(S) Japanese L L(S) Ko r e a n L L(S) Norweg ian S S Polish T T Portuguese S S Russia n S S Spanish L L(S) Swedish S S Tu r k i[...]

  • Page 32

    Chapter 1 Preparing t o Install Internationalization Support 1-16 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 On non-localized b ut tested and supported language platform s, the administrator is responsible for polic y changes aris ing from direct ory naming v a riations between languages. If the pre vious operat ing sys[...]

  • Page 33

    1-17 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Preparing to Install About CSA MC Figur e 1 -2 Diagnosis fo r Localized Ho st About CSA MC The CSA MC user interface installs as pa r t of t h e ove r a ll C i sco Security Agent solution inst allation. It is thr ough a web- based in terface that all securi ty po[...]

  • Page 34

    Chapter 1 Preparing t o Install About CSA MC 1-18 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 1 -3 CSA MC, T op Lev el View[...]

  • Page 35

    CH A P T E R 2-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 2 Deployment Planning Overview This section pro v ides information on deplo ying the product as part of pilot program and scaling the product to 100,000 agent deplo yments. This section contains the following topics: • Piloting the Pro duct, page 2-2 • Runn[...]

  • Page 36

    Chapter 2 Dep loyment Planning Piloting the Product 2-2 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Piloting the Product Before deployin g Cisco Security Agents (CSA ) on a lar ge scale, it is critical that you run a manageable and modest initial p ilot of the product. Ev en in a CSA upgrade situation, a pilot p rogram i[...]

  • Page 37

    2-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Scalable Deployments • How long should a pilot pr ogr am run? Basically , the deployin g and tuning of policies is an iterati ve process. Initiall y , you will ha ve a great deal of e vent log noise to parse. Y ou must examin e the data comin[...]

  • Page 38

    Chapter 2 Dep loyment Planning Scalable Deployments 2-4 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Hardwar e Conf igurations: 1. Single processor Pent ium 4 (3Ghz+) with 2 GB RAM 2. Dual processor Xeon (2.5 Ghz+) with 4 GB RAM 3. Quad processor Xeon (2.5 Ghz+) wi th 8 GB RAM 4. Eight-W ay Xeon (2.5 Ghz+) w ith 8 GB RAM[...]

  • Page 39

    2-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Scalable Deployments Software Considerations • CSA MC is only supported o n W indows 2003 R2 Standard an d Enterprise operating systems. Only Hardware C onf igurations 1 and 2 (referenced in pre vious tables) supp ort W indows 2003 R2 Standar[...]

  • Page 40

    Chapter 2 Dep loyment Planning Scalable Deployments 2-6 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Factors in Network Sizing Y ou can use the follo wing data points for computing product network usage. The follo wing numbers a verage tasks based on the upper limit of a 100 ,000 agent deployment. Agent and Conf iguration[...]

  • Page 41

    2-7 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Policy Tuning and Troubleshooting • Agent update (with CT A) (do wnstream): 16666.67 Kb/sec, durin g update timeframe As an example o f ho w you could compute netw ork load using the data points provided here, take 100,000 agents, each genera[...]

  • Page 42

    Chapter 2 Dep loyment Planning Policy Tuning and Trou bleshooting 2-8 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Use the supplied groups and if neces sary define addi tional groups for eac h distinct desktop and server type in you r network. In your p ilot, you should hav e some participants that are using each desk[...]

  • Page 43

    2-9 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Policy Tuning and Troubleshooting logging the beh avior of the rules used by members of th e Administrator group. Monitor policies can be used in cle ver ways to focus in on specif ic beha vior without interrup ting applications and services. ?[...]

  • Page 44

    Chapter 2 Dep loyment Planning Policy Tuning and Trou bleshooting 2-10 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 understand the beha vior of the application, craft a polic y , place it i n test mode on the pilot machines, an d examine the e vent log. Use the techniques in the rest of this section to tune/troubleshoo t [...]

  • Page 45

    2-11 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Policy Tuning and Troubleshooting If one of the rule modules wi thin a policy is n ot behavi ng as expected , you can place it in test mode wh ile still keeping the remaining rule modules in li ve mode. T o do this, select the Te s t M o d e c[...]

  • Page 46

    Chapter 2 Dep loyment Planning Policy Tuning and Trou bleshooting 2-12 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Caching and Resetting Query Responses Rules can be configured with enforcement actions of allo w , deny , terminate, or query the user . In some cases, there are ru les that already query the user but do so [...]

  • Page 47

    2-13 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Policy Tuning and Troubleshooting Setting Up Exception Rules In some cases, you need two or m ore different r ules to completely specify the desired actions to a specific e vent. For example, you could have one rule that denies all application[...]

  • Page 48

    Chapter 2 Dep loyment Planning Policy Tuning and Trou bleshooting 2-14 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Whether you want the exceptio n rule base d on the appl ication specified in the e vent or whet her you want to base it on a ne w application class. After you click Finish in the wizard, the MC displ ays[...]

  • Page 49

    CH A P T E R 3-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 3 Inst alling the Management Center for Cisco Security Agent s Overview This chapter pro vides instructions for installing CSA MC. Once you ha ve re vie wed the preliminary information outli ned in the pre vious chapter , you are ready to proceed. It is through[...]

  • Page 50

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Licensing Information 3-2 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Installation Log, pag e 3-38 • Accessing Management Center f or Cisco Security Agents, page 3-39 • Migration Instruct ions, page 3-40 • Initiating Secure Co mmunications, p[...]

  • Page 51

    3-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Installing V5 .2 and Migrat ing Configura t ions and Hosts from Previous Ve rsions Installing V5.2 and Migrating Configurations and Hosts from Previous Versions If you ha ve pre vious versions (V5.1, V5.0,[...]

  • Page 52

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Installation and Migration Overview 3-4 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Scenario 2 - Migrating V5.1 to V5.2 - Separate Systems: Y ou can install V5.2 on a ne w machine and use the prov ided migration too ls to mov e V5.1 config urations[...]

  • Page 53

    3-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Installation and Mig ration Overview Figur e 3-1 Supported Migration P aths The CSA MC V5.2 installation does not automatically upgrad e or ov erwrite the older installations. Ultimately , the migration pr[...]

  • Page 54

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-6 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Dir ectory P aths P e r V ersion Cisco SystemsCSAMCCSAMC52 Cisco SystemsCSAMCCSAMC51 CSCOpxCSA MC50 Local and Remote DB Installation Overview Y ou must ha v[...]

  • Page 55

    3-7 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Note If your plan is to use SQL Serv er 2005, it is recommended that you cho ose one of the other installatio n configur ation options rather t han the local datab[...]

  • Page 56

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-8 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Using this conf iguration, you can deploy up to 100,000 agents. Ha ving two CSA MCs lets you use on e MC for host registration and pol ling and an other MC for e[...]

  • Page 57

    3-9 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Step 1 Log on as a local Administ rator on your Micro soft Server W indo ws 2003 R2 Standard or Enterprise system. Step 2 Put the Management Center for Cisco Secur[...]

  • Page 58

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-10 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-3 CSA MC EULA License Agr eement Step 5 The installati on check i f th e needed ports are available. Figur e 3-4 Installation P ort Chec k Step 6 The[...]

  • Page 59

    3-11 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-5 Upgr ade Question Windo w Step 7 The install then be gins by promptin g you to select a database location. In this case, you will keep the default sel[...]

  • Page 60

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-12 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Note For installat ions exceeding 1,0 00 agents, it is recommended that you install Microsoft SQL Serv er 2005 instead of using the Microsoft S QL Server Micro[...]

  • Page 61

    3-13 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-8 SQL Server Installation Direct ory Selection SQL Server Ex press Edition installs .NET Frame work on the syst em and continues to perform conf igurati[...]

  • Page 62

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-14 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-9 SQL Serv er Expr ess Edition Config uration Status Windo w Note When the Microsoft SQL Serv er Express Edition installat ion finishes, t he CSA MC [...]

  • Page 63

    3-15 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-1 0 Enter A dministrator Name and P assword Step 11 Y ou are ne xt prompted to select whet her or not you w ant the system to automatically reboot once [...]

  • Page 64

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-16 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-12 Begin Install The install then pr oceeds copying the necessary files to your sys tem. (See Figure 3-13 .). The installation process then continues[...]

  • Page 65

    3-17 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-13 Copy Files[...]

  • Page 66

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-18 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-14 Installation Proceeds Note When the CSA MC installation completes, an agent installa tion automaticall y begins. It is recommended that an ag ent [...]

  • Page 67

    3-19 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Microsoft SQL Server 2005 and 2000 Local Installation Notes Note The follow ing instructions are only intended for administrat ors choosing to install CSA MC and [...]

  • Page 68

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-20 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • In the Setup T yp e installation windo w , choose the Ty p i c a l radio bu tton and in the Destin ation Folder section, clic k the various Br owse b uttons[...]

  • Page 69

    3-21 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Caution If you are installin g both CSA MC and the database to t he same machine with the provid ed Microsoft SQL Serv er Express database, y ou should install Mi[...]

  • Page 70

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-22 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Caution Y ou must install a Cisco S ecurity Agent on this remote database. This agen t should be in the foll owing gro ups: Servers-SQL Serv er, Serv ers-All ty[...]

  • Page 71

    3-23 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview • (SQL Server 2005 - only instruction) Right -click on the server name and vie w Properties. On the left side of the Properties panel, click Permissi ons. In th[...]

  • Page 72

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-24 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Once this is configured, you can be gin the CSA MC instal lation. Before be ginning, e xit any other programs you ha v e running on the system where you are ins[...]

  • Page 73

    3-25 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-15 CSA MC EULA License Agr eem ent Step 5 The installation asks if you are up grading from a V5.0 Management Center . In this case, click No to contin u[...]

  • Page 74

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-26 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 • Name of the server • Name of the database • Login ID • Password Figur e 3-1 7 Remote D atabase Infor mation Step 7 Once you enter the databa se infor[...]

  • Page 75

    3-27 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-18 Installation Dir ectory Step 9 Y ou are n ext prompted t o enter Administrator Name and Passw ord informat ion. This the user name and password you w[...]

  • Page 76

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-28 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-19 Enter Ad ministrator Name and P a sswor d Y ou are n ext prompted t o select whether or not you w ant the system to automatically reboot once the [...]

  • Page 77

    3-29 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-21 Begin Install The install then proceeds copying the necessary files to your system (see Figure 3-22 ).[...]

  • Page 78

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-30 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-22 Copy Files Once the copying i s complete, the inst allation begi ns config uration and setup tasks. See Figure 3-23 .[...]

  • Page 79

    3-31 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-23 Installation Proceeds Note When the CSA MC installation completes, an agent installa tion automaticall y begins. It is recommended th at an agent pro[...]

  • Page 80

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-32 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Installing CSA MC with a Previous Version’s Database (Same System Installation) This section addresses the procedure for backing up and importing a 5.0 d atab[...]

  • Page 81

    3-33 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-24 CSA MC Installa tion Welcome Scr een Step 5 After you click Ne xt in the welcome screen, various system checks are performed before the system instal[...]

  • Page 82

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-34 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-25 CSA MC EULA License Agr eem ent Step 7 The installation asks if you are up grading from a V5.0 Management Center . In this case, click Ye s to con[...]

  • Page 83

    3-35 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-27 Select V5.0 D atabase T ype Step 9 If you select Local Database, you are n ext ask ed to browse to the loca tion of the backed-up V5.0 database. Once[...]

  • Page 84

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-36 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-28 Br owse t o Back ed-up V5.0 Database Step 10 Once the V 5.0 local or remote dat abase is locate d, the instal lation will p roceed to install CSA [...]

  • Page 85

    3-37 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-29 User name and Passw ord Creation for V5.1 From here, you can continue b y follo w ing the procedures detailed in Installing CSA MC with a Local Datab[...]

  • Page 86

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-38 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Caution When installing two CSA MCs, t he first MC you install automatically becomes the polling and loggin g MC. The second MC acts as the conf iguration MC. D[...]

  • Page 87

    3-39 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents When the installation has completed and you’ ve rebooted the system, a Management Center for C[...]

  • Page 88

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents 3-40 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-30 CSA MC Login W indow Migration Instructions The follo wing section con tains information for migrating to CSA MC V5.2 fro m a pre vious[...]

  • Page 89

    3-41 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Step 1 Install the Management Center for Cisc o Security Agents V5. 2. See pre vious sections for instructi ons. • If you’ re installing CSA MC V5[...]

  • Page 90

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Accessing Management Center for Cisco Security Ag ents 3-42 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Step 5 Next you copy the migration_data_ export.xml and all the migration_host_data<number>.dat f iles from the V5.x or V4.x system to your V5[...]

  • Page 91

    3-43 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Note Agent kits are configuration items that do not migrate to th e new v ersion. Because host migration does not relate to agent k its, old agents ki[...]

  • Page 92

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Initiating Secure Communications 3-44 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Upgrade Note Newer v e rsions of policies are not automatically attached to the auto-enrollment groups during upgr ade. If you want to upd ate the mandatory po licies, yo[...]

  • Page 93

    3-45 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Initiating Se cure Communicati ons Figur e 3-31 Certificat e Infor mation[...]

  • Page 94

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Initiating Secure Communications 3-46 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Step 4 The first Certif icate Manage r Import pa ge contains an overvie w of ce rtificate information. Click Next to continu e. Step 5 From the Select a Certif icate Sto[...]

  • Page 95

    3-47 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Initiating Se cure Communicati ons Step 6 Y ou’ ve no w imported your certif icate for the serv er . Click the Finish button ( Figure 3-33 ) to continue. Figur e 3-33 Certificat e Wizard Finish P age[...]

  • Page 96

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Internet Explorer 7.0: Importing th e Root Certificate 3-48 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Step 7 Now , you must save the certif icate. Click the Ye s but ton in the Root Certif icate Store box. Step 8 Y ou are n ext prompted w ith a conf [...]

  • Page 97

    3-49 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Uninstalling Management Center fo r Cisco Security Agents Figur e 3-34 Inter net Explorer 7 .0 Certificat e Screen Uninstalling Management Center for Cisco Security Agents Uninstall the CSA MC software as[...]

  • Page 98

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Copying Cisco Trust Agent Installer Files 3-50 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Note Uninstalling CSA MC does not uninst all the Microsoft SQL Serv er Desktop Engine (database). Y ou m ust uninstall this separately from the Control P anel>[...]

  • Page 99

    3-51 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Copying Cisco Trust A gent Installer Files double-click the CtaAdminEx- xxx-xxx**.e xe f ile and agree to the EULA (license) to e xtract the ctasetup-xxx-xx x.msi file. It is this msi f ile that you copy [...]

  • Page 100

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Copying Cisco Trust Agent Installer Files 3-52 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01[...]

  • Page 101

    CH A P T E R 4-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 4 Quick S t art Configuration Overview This chapter pro vides the basic setup information you need to start using the Management Center for Ci sco Security Agents to conf igure some preliminary groups and b uild agent kits. The goal of this chapter is to help y[...]

  • Page 102

    Chapter 4 Quick Start Config uration Access Management Cent er for Cisco Security Ag ents 4-2 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Config ure a Rule Module, page 4-1 2 • Config ure a Policy , page 4-18 • Attach a Rule Module to a Polic y , page 4-19 • Attach a Policy to a Group, page 4- 19 • Generate R[...]

  • Page 103

    4-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Access Management Center fo r Cisco Security Agents Administrator Roles in CSA MC Administrators can ha ve dif ferent le vels of CSA MC d atabase access pri vileges. The initial administrator cr eated b y the CSA MC insta llati on aut oma[...]

  • Page 104

    Chapter 4 Quick Start Config uration Cisco Security Agent Policies 4-4 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Cisco Security Agent Policies CSA MC default Cisco Secu rity Agent kits, groups, policies, and co nfigu ration v ariables are designed to provi de a high lev el of security coverage for deskt ops and servers[...]

  • Page 105

    4-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Group Configure a Group Host groups reduce the admini strati ve b u rden of ma naging a large number of agents. Grouping hosts t ogether also lets you apply th e same policy to a number of hosts. A group is the only element re[...]

  • Page 106

    Chapter 4 Quick Start Config uration Configure a Gro up 4-6 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 4-1 Gr oup Configuration V iew Step 4 Cisco suggests that you select the Te s t M o d e checkbox (av ailable from the Rule overrides section) for this group. In T est Mode, the po licy we will lat er apply to [...]

  • Page 107

    4-7 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Build an Agent Kit Build an Agent Kit Note The Manageme nt Center for C isco Security Age nts ships with preconfigured agent kits you can use to download and in stall agents if the y meet your initial needs (accessible from System>Agen[...]

  • Page 108

    Chapter 4 Quick Start Config uration Build an Agent Kit 4-8 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 T o create a Cisco Security Agent kit, d o the follo wing. Step 1 Move the mouse o ver Systems in the menu bar and select Ag ent Kits from the drop-do wn menu that appears. The agen t kit list vie w displays the precon[...]

  • Page 109

    4-9 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Build an Agent Kit Figur e 4-2 Creat e Agent Kit Once you click the Mak e Kit b utton and generat e ru les, CSA MC p roduces a kit for distrib ution (see Figure 4-3 ). Y ou m ay distrib ute the kit do wnload URL, via email for e xample, t[...]

  • Page 110

    Chapter 4 Quick Start Config uration Build an Agent Kit 4-10 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Note Note that the Re gistration Control feature also applies to the https://<sy stem name>/csamc52/kits URL. If th e Registration Control feature (see the User Guide for details on the feature) prevents your I[...]

  • Page 111

    4-11 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Build an Agent Kit The Cisco Security Agent • Users must hav e administrator pri vile ges on their sy stems to install the Cisco Security Agent software. • The Cisco Security A gent installs on supported Wi ndows, Linux, and Solaris [...]

  • Page 112

    Chapter 4 Quick Start Config uration View Registered Hosts 4-12 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 View Registered Hosts From CSA MC, you can see which hosts ha ve successfully re gistered b y accessing Hosts from the Systems link in the menu bar . This take s you to the Hosts list page. On t he right side of th[...]

  • Page 113

    4-13 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Ru le Module This quarantine list u pdates automatically (dynamically) as logged quarantined files are recei ved. Y ou can use a file acce ss control rule to permanently qu arantine a kno wn virus as sho wn in this examp le. [...]

  • Page 114

    Chapter 4 Quick Start Config uration Configure a Rule Mo dule 4-14 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 4-5 Rule Module Cr eation View Create a File Ac cess Control Rule Step 1 From the Rule Module configurati on page ( Figure 4-5 ), click the Modify rules link at the top o f the page. Y ou are no w on th[...]

  • Page 115

    4-15 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Ru le Module Figur e 4-6 Add Rules to Module Step 4 In the File access control ru le configuration vie w (see Figure 4-7 ), enter the follo wing information: • Description —Quarantined a nd Suspected V iru s Applications,[...]

  • Page 116

    Chapter 4 Quick Start Config uration Configure a Rule Mo dule 4-16 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Step 6 Select the Log checkbox. This means that the system action in que stion is l ogged and se nt to the server . Generally , you will want to turn logging on for all den y rules so you can mo nitor e vent act[...]

  • Page 117

    4-17 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Ru le Module Figur e 4-7 File A ccess Contro l Rule[...]

  • Page 118

    Chapter 4 Quick Start Config uration Configure a Policy 4-18 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Configure a Policy Generally , when you configure a poli cy , you are co mbining multiple rule modules under a common name. That polic y name is th en attach ed to a grou p of hosts an d it uses the rules that compris[...]

  • Page 119

    4-19 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Policy Attach a Rule Module to a Policy T o apply our configured email quarantine rule module to the p olicy we’ ve created, do the following. Step 1 From Policy edit view , click the Modify rule module associations link. T[...]

  • Page 120

    Chapter 4 Quick Start Config uration Configure a Policy 4-20 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 4-8 Att ach P olicy to Group Generate Rule Programs No w that we’ ve conf igured our policy and attached it to a group , we’ll ne xt distrib ute the polic y to the agents that are part of the group. W e d[...]

  • Page 121

    4-21 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Policy Figur e 4-9 Gen erat e Rule Prog ram s Y ou can ensure that agents hav e received this polic y by clicking Hosts (accessible from Systems in the men u bar) and viewing the individual host status views. Click the Refres[...]

  • Page 122

    Chapter 4 Quick Start Config uration Configure a Policy 4-22 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Refer to the User Guide to read about the conf iguration tasks described here in more detail.[...]

  • Page 123

    A-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 APPENDIX A Cisco Security Agent Inst allation and Overview Overview This chapte r de s cr ibes the Cisc o Se cu rity Agent and pro vides information on the agent user interface. It al so includes installation i nformation for W indo ws, Linux, and Solaris agents. (This inf [...]

  • Page 124

    Appendix A Cisco Security Agent Installation an d Overview Downloading an d Installing A-2 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Downloading and Installing Once you bu ild an agent kit on CSA MC, you deli ver the generated URL, via email for exam ple, to end users so that the y can download and instal l the Cisco S[...]

  • Page 125

    A-3 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix A Cisco Security Agent Installation and Overview Downloading and Installin g Figur e A -1 Optional Ag ent Reboot If a system is no t rebooted follo wing the agent installation, the fol lowi ng functionality is not immediately a vailable. (This functionali ty becomes[...]

  • Page 126

    Appendix A Cisco Security Agent Installation an d Overview Downloading an d Installing A-4 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 After installation, the agent au tomatically and tran sparently re gisters with CSA MC. Y ou can see which hosts ha ve successfully registered b y clicking the Host s link a v ailable fro[...]

  • Page 127

    A-5 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix A Cisco Security Agent Installation and Overview Downloading and Installin g • Allow user to modify agent security settings —Sel ecting this checkbox in the Agent UI control rule pro vides System Security and Untrusted Applications feat ures. • Allow user to m[...]

  • Page 128

    Appendix A Cisco Security Agent Installation an d Overview Installing the Solaris Agent A-6 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Installing the Solaris Agent This section details t he commands you enter and the subsequent o utput that is displayed when you inst all the Cisco Security Agent on Solaris systems. Note[...]

  • Page 129

    A-7 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix A Cisco Security Agent Installation and Overview Installing the Solaris Agent Step 5 Answer yes (y) to continu e the installation. This package contains scripts which will be executed with super-user permission during the process of installing this package. Do you w[...]

  • Page 130

    Appendix A Cisco Security Agent Installation an d Overview Installing the Linux Age nt A-8 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Caution If you are upgr ading the Solaris agent and you encount er the follo wing error , "There is already an instance of the package and you cannot install due to administrator rul[...]

  • Page 131

    A-9 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix A Cisco Security Agent Installation and Overview Installing the Linux Agent Step 2 Untar the file. $ cd /tmp $ tar xvf CSA-Server_V5.2.0.218-lin-setup-1a96 9c667ddb0a2d2a8da3e7959 a30b2.tar Step 3 cd to CSCOcsa directory wher e the rpm package is located. $ cd /tmp/[...]

  • Page 132

    Appendix A Cisco Security Agent Installation an d Overview Installing the Linux Age nt A-10 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Caution On Linux systems, if yo u upgrade the k ernel versio n or boot a dif ferent kernel versio n than the initial v ersion where the agent wa s installed, you must uninstall and reins[...]

  • Page 133

    B-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 APPENDIX B Third Party Copyright Notices Cisco Security Agent utilizes third party softw are from v arious sources. Portions of this softwar e are copyrighted b y their respecti ve o wners as indicated in the copyright notices be low . OPENSSL [version 0.9.7L] Copyright (c)[...]

  • Page 134

    Appendix B Third Party Copy right Notices B-2 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 6. Redistrib utions of any form what soe ver must retain the fol lowing ackno wledgment: "This product includes so ftware d e v elo ped b y the OpenSSL Pr oject for use in the OpenSSL T oolkit (http://www .openssl.or g/)" [...]

  • Page 135

    B-3 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices Copyright remain s Eric Y oung’ s, and as su ch any Co pyright notices i n the code are not to be remov ed. If this package is used in a product, Eric Y oung should be gi v e n attrib ution as the author of the parts of th e librar[...]

  • Page 136

    Appendix B Third Party Copy right Notices B-4 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 A pache [version 2.0.59], Xerc es 2.7 and AxisCpp 1.6 Copyright © 2000-2005 The Apache Softwa re Foundation. All rights re served. Apache Lice nse V ersion 2.0, January 2004 http://www .apache.or g/licenses/ TERMS AND CONDITION S F[...]

  • Page 137

    B-5 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices whole, an original work of authorship . For the purposes o f this License, Deri v ativ e W orks shall not includ e wo rks that remain separable from, or merely link (or bind b y name) to the interf aces of, the W ork and Deriv ative [...]

  • Page 138

    Appendix B Third Party Copy right Notices B-6 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 contrib utory patent infringement, then an y patent licenses granted to Y ou under this License for that W ork sh all terminate as of the date such litigation is f iled. 4. Redistrib ution. Y ou may reproduce and distrib ute copies [...]

  • Page 139

    B-7 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices without an y additional terms or cond itions. Notwit hstanding the abo ve, nothing herein sh all supersede or modify the terms o f any separate license agreement you may ha ve ex ecuted with Licensor re garding such Contrib utions. 6[...]

  • Page 140

    Appendix B Third Party Copy right Notices B-8 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 TCL license This software is cop yrighted by the Re ge nts of the Univ ersity of California, Sun Microsystems , Inc., Scriptics Corpo ration, and other parti es. The following terms apply to all f iles associated with the softw are [...]

  • Page 141

    B-9 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices foregoin g, the authors grant th e U.S. Gov ernment and others actin g in its behalf permission to use and distrib ute the software in accordance with the terms specified in this license. Perl Copyright 1987 -2005, Larry W all Perl m[...]

  • Page 142

    Appendix B Third Party Copy right Notices B-10 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 IN CONTRA CT , STRICT LI ABILITY , OR TOR T (INCLUDI NG NEGLIGENCE OR OTHER WISE) ARISING IN ANY W A Y OUT OF THE USE OF THIS SOFTW ARE, EVEN IF AD VISED OF THE POSSIBILITY OF SUCH DA M AG E . CMU-SNMP Libraries This product contai[...]

  • Page 143

    B-11 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices licensing terms described here. If modif ications to this Software and Documentation ha ve new licensin g terms, the new te rms must be clearly indicated on the f irst page of each f ile where they ap ply . OPEN MARKET MAKES NO EXPR[...]

  • Page 144

    Appendix B Third Party Copy right Notices B-12 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 THE SOFTW ARE IS PR O VIDED "AS IS", WITHOUT W ARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NO T LIMITED TO THE W ARRANTIES OF MERC HANT ABILITY , FITNESS FOR A P AR TICULAR PURPOSE AND NONINFRIN GEMENT OF THIRD[...]

  • Page 145

    B-13 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices a. Installation and Use. Y o u may install and use an y number of copies of the software on your de vices. b. Included Microsoft Programs. The software con tains oth er Microsoft programs. These license terms apply to your use of th[...]

  • Page 146

    Appendix B Third Party Copy right Notices B-14 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 • include Distribu table Code in malicious, decepti ve or unla wful programs; or • modify or distrib ute the source code of any Distrib u table Code so that any part of i t becomes subject to an Excluded Licen se. An Excluded L[...]

  • Page 147

    B-15 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices 7. TRANSFER TO A THIRD P AR TY . The first user of the software may transfer it and this agreemen t directly to a third party . Before the transfer , that party must agree t hat this agreement applies to the transfer and use of the [...]

  • Page 148

    Appendix B Third Party Copy right Notices B-16 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 MICR OSOFT EXCLUDES THE IMPLIED W ARRANTIES OF MERCHANT ABILITY , FITNESS FOR A P AR TICULAR PURPOSE AND NON-INFRINGEMENT . 14. LIMIT A TION ON AND EXCLUSION OF REMEDIES AND D AMAGES. Y OU CAN RECO VER FR OM MICR OSOFT AND ITS SUPP[...]

  • Page 149

    B-17 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices By using this supplemen t, you accept these terms. If you do n ot accept them, do not use thi s supplem ent. If you comply wi th these li cense te rms, you h av e the rights belo w . 1. SUPPOR T SER VICE S FOR SUPPLEMENT . Microsoft[...]

  • Page 150

    Appendix B Third Party Copy right Notices B-18 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 the right to disclose the results of benchmark tests it conducts of your products that comp ete with the .NET Componen t, provided i t complies with the same conditions abo ve. MarshallSoft Computing SMTP/POP3 Email Engine License [...]

  • Page 151

    B-19 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices Everyone is permi tted to copy and distri bute v erbatim copies of this license document, b ut changing it is not allo wed. [This is the fir st released version o f the Lesser GPL. It also counts as the successor of the GNU Library [...]

  • Page 152

    Appendix B Third Party Copy right Notices B-20 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 T o protec t each distributor , we want to ma ke it v ery clear that there is no warranty for the free libr ary . Also, if the library i s modifi ed by someone el se and passed on, the recipients should know that what they hav e is[...]

  • Page 153

    B-21 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices In other cases, permission to use a partic ular library in non -free programs enables a greater number of people to use a large body of free software. F o r example, permission to use the GNU C Libr ary in non-free programs enables [...]

  • Page 154

    Appendix B Third Party Copy right Notices B-22 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Acti vities other than cop ying, distrib ution and modif ication are not covered b y this License; they are outsid e its scope. The act of running a program using the Library is not restricted , and output from such a program is co[...]

  • Page 155

    B-23 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices These requirements apply to the m odifi ed work as a whole. I f identif iable sections of that wo rk are not deri ved from the Library , and can be reasonably considered independent and separate work s in themselves, then this Licen[...]

  • Page 156

    Appendix B Third Party Copy right Notices B-24 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 5. A program that con tains no deri vati ve of an y portion of the Library , but is designed to w ork with the Libr ary b y being compiled or link ed wit h it, is called a "work that uses the Library". Such a work , in is[...]

  • Page 157

    B-25 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices ex ecutable linked wi th the Library , with the c omplete mach ine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to pr oduce a modif ied e[...]

  • Page 158

    Appendix B Third Party Copy right Notices B-26 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 a) Accompany the comb ined library with a copy of the same work based on the Library , uncombined with an y other library facilities. This must be distrib uted under the terms of the Sections ab ov e. b) Giv e prominent notice with[...]

  • Page 159

    B-27 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices It is not the purpose of this sect ion to induce you to infr inge any patents or ot her property right claims or to con test vali dity of any such claims; this section has the sole purpose of protecti ng the integrit y of the free s[...]

  • Page 160

    Appendix B Third Party Copy right Notices B-28 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 THE COPYRIGHT HOLDERS AND/OR O THER P AR TIES PR O VIDE THE LIBRAR Y "AS IS" WITH OUT W ARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NO T LIMITED TO, THE IMPLIED W ARRANTIES O F MERCHANT ABILITY AND FI[...]

  • Page 161

    B-29 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices This library is free software; you can re distrib ute it and/or modify it under the terms of the GNU Lesser General Public Licen se as published b y the Free Software F oundation; either v ersion 2.1 of the License, o r (at your opt[...]

  • Page 162

    Appendix B Third Party Copy right Notices B-30 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 1.4. "Electronic Distrib ution Mechanism" means a mechanism generally accepted in the software dev e lopment community for the electronic transfer of data. 1.5. "Exe cu table" means Cov ered Code in any form oth[...]

  • Page 163

    B-31 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices 1.12. "Y ou" (or "Y our") means an individual o r a legal en tity ex ercising rights under , and complying with all of the terms of, this License or a future version of this License issued under Section 6.1. F or[...]

  • Page 164

    Appendix B Third Party Copy right Notices B-32 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 (b) under P atent Claims infringed by the maki ng, using, or selling of Modifi cations made b y that Contrib utor either al one and/or in combination with its Co ntrib utor V ersion (or por tions of such combination), to mak e, use[...]

  • Page 165

    B-33 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices av ailable to such recipients. Y ou are re sponsible for ensuring that the Source Code version remains a vailable e v en if the El ectronic Dist rib ution Mechanism is maintained b y a third party . 3.3. Description of Mo dification[...]

  • Page 166

    Appendix B Third Party Copy right Notices B-34 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 also duplicate this License in any do cumentation for the Source Code where Y ou describe recipients' r ights o r o wne rship rights relating to Co v ered Code. Y ou may choose t o of fer , and to charge a fee for , warranty ,[...]

  • Page 167

    B-35 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices affect. Su ch description must be included i n the LEGAL file describ ed in Section 3.4 and must be includ ed with all distrib utions of the Source Code. Except to the e xtent prohibited by statute or regulation, such descriptio n m[...]

  • Page 168

    Appendix B Third Party Copy right Notices B-36 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 MERCHANT ABLE, FIT FOR A P AR TICULAR PURPOSE OR NON-INFRINGING. THE ENTIR E RISK AS TO THE QU ALITY AND PERFORMANCE OF THE C O VERED CODE IS WITH Y OU. SHOULD ANY CO VERED CODE PR O VE DEFECTIVE IN ANY RESPECT , YOU (NO T THE INIT[...]

  • Page 169

    B-37 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices 8.3. If Y ou assert a patent infringement claim against Participant alle ging that such Parti cipant's Contribut or V ersion directly or indirectly i nfringes any patent wher e such claim is resolved (such as by license or se t[...]

  • Page 170

    Appendix B Third Party Copy right Notices B-38 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 This License represents the complete agreement concerning subje ct matter hereof. If any pro vision of this License is held to be unenforceable, such provision sh all be reformed only to the e xtent necessary to make it enforceable[...]

  • Page 171

    B-39 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices The Initial De veloper of the Original Code is ____ ________________ ____. Portions created b y ______________________ are Cop yright (C) ______ ____________ ___________. All Righ ts Reserved. Contrib utor(s): __ ________________ __[...]

  • Page 172

    Appendix B Third Party Copy right Notices B-40 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 provid ed to you b y Sun under t his Agreement. "Programs" mean Ja v a applets and applications intended to run o n the Jav a Platform, Standard Edition (Ja v a SE) on Jav a-enabled general purpose desktop com puters and [...]

  • Page 173

    B-41 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices 6. LIMIT A TION OF LIABILITY . TO THE EXTENT NO T PROHIBITED BY LA W , IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PR OFIT OR DA T A , OR FOR SPECIAL, INDIRECT , CONSEQUENTIAL, INC IDENT AL OR PUNITIVE D AM[...]

  • Page 174

    Appendix B Third Party Copy right Notices B-42 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 in accordance with 48 CFR 227.7201 through 2 27.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.21 2 (for non-DOD acquisitions). 11. GO VERNING LA W . Any action related t o this Agreement will be[...]

  • Page 175

    B-43 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices you distrib ute the Software complete and unmodif ied and only bundled as part of, and for the sole purpose of runni ng, your Programs, (ii) the Progr ams add signif icant and primary functional ity to the Softwa re, (iii) you do no[...]

  • Page 176

    Appendix B Third Party Copy right Notices B-44 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01[...]

  • Page 177

    IN-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 INDEX A Active hosts 4-12 Add rule 4-14 Administrator local or LDA P authent ication 4-3 roles 4-3 Agent kits 4-7 optional reboot after install A-3 registration 4-7 user interface A-4 Agent (Linux) installing A-8 Agent (Solaris) installing A-6 migrating from V4.x 3-43 Agen[...]

  • Page 178

    Index IN-2 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 D Deployment overview 1-2 Detailed de scriptio n 4-4 Distributed configu ration 3-38 DNS environment s 1-9 F File access control rule 4-14 FireFox version support 1-10 Force reboot after inst all 4-8 G Generate rules 4-20 Generating confi gurations 4-20 Group configu[...]

  • Page 179

    IN-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Index Windows XP 1-14 Internet Explorer version support 1-9 L Licensing import infor mation 3-18, 3-31 Licensing information 3-2 Local database install 3-6 Log installati on 3-38 Login locally 3-39 remotely 3-39 M Make kit 4-8 Migrate to CSA MC, new version 3-40 migration_[...]

  • Page 180

    Index IN-4 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Q Quick start setup 4-1 R Reboot opti onal agent A-2, A-3 Registered hosts view 4-12 Remote access 3-39, 4-2 Remote database install 3-7 Requirements agent 1-5 cluster support 1-11 DNS and WINS 1-9 port availa bility 1-10 server 1-3 time and date settings 1-10 web br[...]

  • Page 181

    IN-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Index remote db and CSA MC system 3-21 Two servers 2-3 U Uninstall CSA MC 3-49 UNIX agent i nstall directo ry A-7 Upgrade n aming conven tions 3-42 V Verbose logging mode 4-6 Version labels 3-42 W Web-based user interface 1-2, 1-17 Web browser requirements 1-9 Windows Clus[...]

  • Page 182

    Index IN-6 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01[...]