Cisco Systems DOC-78-17916 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182

Ir para a página of

Bom manual de uso

As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto Cisco Systems DOC-78-17916. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoCisco Systems DOC-78-17916 vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.

O que é a instrução?

A palavra vem do latim "Instructio" ou instruir. Portanto, no manual Cisco Systems DOC-78-17916 você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.

Infelizmente, pequenos usuários tomam o tempo para ler o manual Cisco Systems DOC-78-17916, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.

Então, o que deve conter o manual perfeito?

Primeiro, o manual Cisco Systems DOC-78-17916 deve conte:
- dados técnicos do dispositivo Cisco Systems DOC-78-17916
- nome do fabricante e ano de fabricação do dispositivo Cisco Systems DOC-78-17916
- instruções de utilização, regulação e manutenção do dispositivo Cisco Systems DOC-78-17916
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes

Por que você não ler manuais?

Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque Cisco Systems DOC-78-17916 não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos Cisco Systems DOC-78-17916 e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço Cisco Systems na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas Cisco Systems DOC-78-17916, como para a versão papel.

Por que ler manuais?

Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo Cisco Systems DOC-78-17916, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.

Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual Cisco Systems DOC-78-17916. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação

Índice do manual

  • Página 1

    Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Installing Management Center f or Cisco S ecurity A gents 5.2 Customer Order Number: DO C-78-17916[...]

  • Página 2

    THE SPECIFICA TIONS AND IN FORMA TION REGARDING THE PRODUCTS IN THIS MAN UAL ARE SUBJECT TO CHANGE WIT HOUT NO TICE. ALL ST A TEMENTS, INFORMA TION, AND RECOMMEND A TION S IN THIS MANU AL ARE BELIEVED TO BE A CCURA TE BU T ARE PRESENTED WITHOUT W ARRANTY OF ANY KIND, EX PRESS O R IMPL IED. USE RS MU ST T AKE FU LL RESPON SIBILITY FOR THEIR APPLICA [...]

  • Página 3

    i Book Title 78-17916-01 CONTENTS Preface v Audience 1-v Conventi ons 1-vi Obtaining Documentation 1-vii Cisco.com 1-vii Product Documentation DVD 1-vii Ordering Documentation 1-viii Documentation Feedback 1-viii Cisco Product Security Overview 1-viii Reporting Security Problems in Cisco Prod ucts 1-ix Product Alerts and Field Notices 1-x Obtaining[...]

  • Página 4

    Contents ii Book Title 78-17916-01 DNS and WINS Environments 1-9 Browser Requirements 1-9 Time and Date Req uirements 1-10 Port Availability 1-10 Windows Cluster Support 1-11 Internationalization Support 1-11 Internationalization Support Tables 1-12 About CSA MC 1-17 CHAPTER 2 Deployment Planning 2-1 Overview 2-1 Piloting the Product 2-2 Running a [...]

  • Página 5

    iii Book Title 78-17916-01 Contents Licensing Information 3-2 Installing V5.2 and Migrating Co nfigurations and Hosts from Previous Versions 3-3 Installation and Migration Overview 3-3 Local and Remote DB Installation Overview 3-6 Installing CSA MC with a Local Database 3-8 Installing CSA MC with a Remote Database 3-21 Installing CSA MC with a Prev[...]

  • Página 6

    Contents iv Book Title 78-17916-01 Configure a Policy 4-18 Attach a Ru le Module to a Policy 4-19 Attach a Policy to a Group 4-19 Generate Rule Programs 4-20 APPENDIX A Cisco Security Agent In st allation and Overview A-1 Overview A-1 Downloading and Installing A-2 The Cisco Security Agent User Interface A-4 Installing the Solaris Agent A-6 Install[...]

  • Página 7

    v Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface This manual de scribes how to configure the Manageme nt Center for Cisc o Security Agents on Microsoft W indo ws 2003 operating systems and the Cisco Security Agent on supported Micro soft W indo ws 2003, Microsoft W indo ws XP , Microsoft W indows 2000, Microsoft W i[...]

  • Página 8

    Preface Conventions vi Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Conventions This manual uses the following con ventions. Convention Purpose Example Bold text User interface field names and menu options. Click the Gr oups opti on. The Groups edit pag e appears. Italicized text Used t o emphasize text. Yo u m u s t sav[...]

  • Página 9

    vii Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface Obtaining Documentation Obtaining Documentation Cisco documentation and additi onal litera ture are a v ailable on Cisco.com. This section e xplains the product do cumentation resources that Cisco o ffers. Cisco.com Y ou can access the most current Ci sco documentat[...]

  • Página 10

    Preface Documentation Feedba ck viii Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Ordering Documentation Y ou must be a registered Ci sco.com user to access Cisco Marketplace. Registered users may order Cisco d ocumentation at t he Product Documentat ion Store at t his URL: http://www .cisco.com/go/marketplace/docsto re I[...]

  • Página 11

    ix Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface Cisco Product Security O verview T o se e security advisories, security notices, and securi ty responses as they are updated in real ti me, you can subscribe t o the Product Security Inci dent Response T eam Really Simple Syndicat ion (PSIR T RSS) feed. Information a[...]

  • Página 12

    Preface Product Alerts and Field No tices x Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 If you do not ha ve or use PGP , contact PSIR T to find other means of encry pting the data before sending any sensiti ve material. Product Alerts and Field Notices Modifi cations to or updates abou t Ci sco products are annou nced in[...]

  • Página 13

    xi Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface Obtaining Techn ical Assistance Access to all tools on the Cisco Support website requires a Cisco.com user ID and password. If you ha ve a v alid service contract b ut do not hav e a user ID or password, you can re gister at this URL: http://tools.cisco.com/RPF/ regi[...]

  • Página 14

    Preface Obtaining Technical Assistance xii Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 solutions. If yo ur issue is not resolv ed using the recommended resources, your service request is assigned to a Cisco engineer . The T A C Service Request T ool is located at t his URL: http://www .cisco.com/techsupport/ servicereque[...]

  • Página 15

    xiii Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Preface Obtaining Additional Public ations and Information Obtaining Additional Publications and Information Information ab out Cisco products, tech nologies, and netw ork solutions is av ailable from v a rious online and printed sources. • The Cisco Online Subscription [...]

  • Página 16

    Preface Obtaining Additional Publ ications and Information xiv Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Networking Prof essionals Connection is an interacti ve website where networking pro fessionals share questions, sug gestions, and information about network ing products and techn ologies with Cisco e xperts and[...]

  • Página 17

    CH A P T E R 1-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 1 Prep aring to Inst all How the Cisco Security Agent Works The Cisco Security Agent pr ovides distrib uted security to your enterprise by deploying agen ts that defen d against the proliferation of attacks across networks and systems. These agents operate us i[...]

  • Página 18

    Chapter 1 Preparing t o Install Cisco Security Agent Ov erview 1-2 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Cisco Security Agent Overview Cisco Security Agent contains two components: • The Manageme nt Center for C isco Secu ri ty Agents (C SA MC)- in st al ls on a secured se rver an d includes a web se rver , a co[...]

  • Página 19

    1-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install Before Proceeding Before Proceeding Before installing CSA MC softwa re, refer to the Release Notes for up- to-date information. No t doing so can result in the misconf iguration of your system. Make sure that y our system is compatible wit h [...]

  • Página 20

    Chapter 1 Preparing t o Install System Requirements 1-4 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Pager alerts require a Hayes Compatible Modem. • For opti mal vie wing of the CSA MC UI, you should set your display to a resolution of 1024 x768 or higher . • On a system where CSA MC has nev e r been installed, t[...]

  • Página 21

    1-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install System Requirements T o run the Cisco Security Agent on Windo ws servers and desktop systems, the requirements are as follows: Ta b l e 1 - 2 A gent Requirements (Windo ws) Sy stem Component Requi remen t Processor Intel Pentium 200 MHz or hi[...]

  • Página 22

    Chapter 1 Preparing t o Install System Requirements 1-6 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Hard Dri ve Space 50 MB or higher Note This includes program an d data. Network Ethern et or Dial up Note Maximum of 64 IP addr esses supported on a system. Sy stem Component Requirement[...]

  • Página 23

    1-7 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Preparing to Install System Requirements T o run the Cisco Security Agent on your So laris server systems, the requirements are as follows: Ta b l e 1 -3 A gent Requirements (Solar is) Sy stem Component Requi remen t Processor UltraSP ARC 400 MHz or higher Note Un[...]

  • Página 24

    Chapter 1 Preparing t o Install System Requirements 1-8 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Caution On Solaris systems running Cisco Security Agents, if you add a ne w type of Ethernet interface to the sy stem, you must reboot t hat system twice for the agent to detect it and apply rules to it accordingly . T o [...]

  • Página 25

    1-9 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install Environment Requirements Caution When upgrading or changing operating systems, un install the agent f irst. When the ne w operating system is in place, you can install a new agent kit. Because the agent installation e xamines the operating sy[...]

  • Página 26

    Chapter 1 Preparing t o Install Environment Requirements 1-10 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Y ou must ha v e cookies enabled. This means using a maximum sett ing of "medium" as your Internet security se tting . Locate this fea ture f rom the follo wing menu, T ools>Internet Options. Click t[...]

  • Página 27

    1-11 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install Internationalization Support Windows Cluster Support Cisco Security Agent supports Netw ork Load Balancing and Serv er Cluster for W indows 2003 an d 2000 Serv er platforms. Cluster support m ay require certain network permission s to operat[...]

  • Página 28

    Chapter 1 Preparing t o Install Internationalization Support 1-12 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Explanation of terms: Localized: Cisco Security Agent kits cont ain localized support for the languages identif ied in Ta b l e 1-5 . This support is automatic in e ach agent kit and no action is required b y the[...]

  • Página 29

    1-13 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Preparing to Install Internationaliza tion Support Interface (MUI) supported languages, installs are always in Eng lish (Installshield does not support MUI), and the UI/dialogs are in English unless the desk top is Chinese (Simplified), French, German, It alian, [...]

  • Página 30

    Chapter 1 Preparing t o Install Internationalization Support 1-14 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Ta b l e 1 -8 Windows XP Support Greek S NA NA Hebre w NS NA NA Hungarian SS NA Italian L L(S) NA Japanese L L(S) L(S) Ko r e a n L L(S) L(S) Norweg ian S NA NA Polish TT NA Portuguese SS NA Russia n SS NA Spanis[...]

  • Página 31

    1-15 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Pr eparing to Install Internationalization Support Ta b l e 1 - 9 Windows 2003 Support Greek S S Hebre w NS NS Hungarian S S Italian L L(S) Japanese L L(S) Ko r e a n L L(S) Norweg ian S S Polish T T Portuguese S S Russia n S S Spanish L L(S) Swedish S S Tu r k i[...]

  • Página 32

    Chapter 1 Preparing t o Install Internationalization Support 1-16 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 On non-localized b ut tested and supported language platform s, the administrator is responsible for polic y changes aris ing from direct ory naming v a riations between languages. If the pre vious operat ing sys[...]

  • Página 33

    1-17 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 1 Preparing to Install About CSA MC Figur e 1 -2 Diagnosis fo r Localized Ho st About CSA MC The CSA MC user interface installs as pa r t of t h e ove r a ll C i sco Security Agent solution inst allation. It is thr ough a web- based in terface that all securi ty po[...]

  • Página 34

    Chapter 1 Preparing t o Install About CSA MC 1-18 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 1 -3 CSA MC, T op Lev el View[...]

  • Página 35

    CH A P T E R 2-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 2 Deployment Planning Overview This section pro v ides information on deplo ying the product as part of pilot program and scaling the product to 100,000 agent deplo yments. This section contains the following topics: • Piloting the Pro duct, page 2-2 • Runn[...]

  • Página 36

    Chapter 2 Dep loyment Planning Piloting the Product 2-2 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Piloting the Product Before deployin g Cisco Security Agents (CSA ) on a lar ge scale, it is critical that you run a manageable and modest initial p ilot of the product. Ev en in a CSA upgrade situation, a pilot p rogram i[...]

  • Página 37

    2-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Scalable Deployments • How long should a pilot pr ogr am run? Basically , the deployin g and tuning of policies is an iterati ve process. Initiall y , you will ha ve a great deal of e vent log noise to parse. Y ou must examin e the data comin[...]

  • Página 38

    Chapter 2 Dep loyment Planning Scalable Deployments 2-4 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Hardwar e Conf igurations: 1. Single processor Pent ium 4 (3Ghz+) with 2 GB RAM 2. Dual processor Xeon (2.5 Ghz+) with 4 GB RAM 3. Quad processor Xeon (2.5 Ghz+) wi th 8 GB RAM 4. Eight-W ay Xeon (2.5 Ghz+) w ith 8 GB RAM[...]

  • Página 39

    2-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Scalable Deployments Software Considerations • CSA MC is only supported o n W indows 2003 R2 Standard an d Enterprise operating systems. Only Hardware C onf igurations 1 and 2 (referenced in pre vious tables) supp ort W indows 2003 R2 Standar[...]

  • Página 40

    Chapter 2 Dep loyment Planning Scalable Deployments 2-6 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Factors in Network Sizing Y ou can use the follo wing data points for computing product network usage. The follo wing numbers a verage tasks based on the upper limit of a 100 ,000 agent deployment. Agent and Conf iguration[...]

  • Página 41

    2-7 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Policy Tuning and Troubleshooting • Agent update (with CT A) (do wnstream): 16666.67 Kb/sec, durin g update timeframe As an example o f ho w you could compute netw ork load using the data points provided here, take 100,000 agents, each genera[...]

  • Página 42

    Chapter 2 Dep loyment Planning Policy Tuning and Trou bleshooting 2-8 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Use the supplied groups and if neces sary define addi tional groups for eac h distinct desktop and server type in you r network. In your p ilot, you should hav e some participants that are using each desk[...]

  • Página 43

    2-9 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Policy Tuning and Troubleshooting logging the beh avior of the rules used by members of th e Administrator group. Monitor policies can be used in cle ver ways to focus in on specif ic beha vior without interrup ting applications and services. ?[...]

  • Página 44

    Chapter 2 Dep loyment Planning Policy Tuning and Trou bleshooting 2-10 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 understand the beha vior of the application, craft a polic y , place it i n test mode on the pilot machines, an d examine the e vent log. Use the techniques in the rest of this section to tune/troubleshoo t [...]

  • Página 45

    2-11 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Policy Tuning and Troubleshooting If one of the rule modules wi thin a policy is n ot behavi ng as expected , you can place it in test mode wh ile still keeping the remaining rule modules in li ve mode. T o do this, select the Te s t M o d e c[...]

  • Página 46

    Chapter 2 Dep loyment Planning Policy Tuning and Trou bleshooting 2-12 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Caching and Resetting Query Responses Rules can be configured with enforcement actions of allo w , deny , terminate, or query the user . In some cases, there are ru les that already query the user but do so [...]

  • Página 47

    2-13 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 2 Deployment Planning Policy Tuning and Troubleshooting Setting Up Exception Rules In some cases, you need two or m ore different r ules to completely specify the desired actions to a specific e vent. For example, you could have one rule that denies all application[...]

  • Página 48

    Chapter 2 Dep loyment Planning Policy Tuning and Trou bleshooting 2-14 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Whether you want the exceptio n rule base d on the appl ication specified in the e vent or whet her you want to base it on a ne w application class. After you click Finish in the wizard, the MC displ ays[...]

  • Página 49

    CH A P T E R 3-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 3 Inst alling the Management Center for Cisco Security Agent s Overview This chapter pro vides instructions for installing CSA MC. Once you ha ve re vie wed the preliminary information outli ned in the pre vious chapter , you are ready to proceed. It is through[...]

  • Página 50

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Licensing Information 3-2 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Installation Log, pag e 3-38 • Accessing Management Center f or Cisco Security Agents, page 3-39 • Migration Instruct ions, page 3-40 • Initiating Secure Co mmunications, p[...]

  • Página 51

    3-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Installing V5 .2 and Migrat ing Configura t ions and Hosts from Previous Ve rsions Installing V5.2 and Migrating Configurations and Hosts from Previous Versions If you ha ve pre vious versions (V5.1, V5.0,[...]

  • Página 52

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Installation and Migration Overview 3-4 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Scenario 2 - Migrating V5.1 to V5.2 - Separate Systems: Y ou can install V5.2 on a ne w machine and use the prov ided migration too ls to mov e V5.1 config urations[...]

  • Página 53

    3-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Installation and Mig ration Overview Figur e 3-1 Supported Migration P aths The CSA MC V5.2 installation does not automatically upgrad e or ov erwrite the older installations. Ultimately , the migration pr[...]

  • Página 54

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-6 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Dir ectory P aths P e r V ersion Cisco SystemsCSAMCCSAMC52 Cisco SystemsCSAMCCSAMC51 CSCOpxCSA MC50 Local and Remote DB Installation Overview Y ou must ha v[...]

  • Página 55

    3-7 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Note If your plan is to use SQL Serv er 2005, it is recommended that you cho ose one of the other installatio n configur ation options rather t han the local datab[...]

  • Página 56

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-8 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Using this conf iguration, you can deploy up to 100,000 agents. Ha ving two CSA MCs lets you use on e MC for host registration and pol ling and an other MC for e[...]

  • Página 57

    3-9 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Step 1 Log on as a local Administ rator on your Micro soft Server W indo ws 2003 R2 Standard or Enterprise system. Step 2 Put the Management Center for Cisco Secur[...]

  • Página 58

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-10 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-3 CSA MC EULA License Agr eement Step 5 The installati on check i f th e needed ports are available. Figur e 3-4 Installation P ort Chec k Step 6 The[...]

  • Página 59

    3-11 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-5 Upgr ade Question Windo w Step 7 The install then be gins by promptin g you to select a database location. In this case, you will keep the default sel[...]

  • Página 60

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-12 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Note For installat ions exceeding 1,0 00 agents, it is recommended that you install Microsoft SQL Serv er 2005 instead of using the Microsoft S QL Server Micro[...]

  • Página 61

    3-13 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-8 SQL Server Installation Direct ory Selection SQL Server Ex press Edition installs .NET Frame work on the syst em and continues to perform conf igurati[...]

  • Página 62

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-14 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-9 SQL Serv er Expr ess Edition Config uration Status Windo w Note When the Microsoft SQL Serv er Express Edition installat ion finishes, t he CSA MC [...]

  • Página 63

    3-15 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-1 0 Enter A dministrator Name and P assword Step 11 Y ou are ne xt prompted to select whet her or not you w ant the system to automatically reboot once [...]

  • Página 64

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-16 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-12 Begin Install The install then pr oceeds copying the necessary files to your sys tem. (See Figure 3-13 .). The installation process then continues[...]

  • Página 65

    3-17 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-13 Copy Files[...]

  • Página 66

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-18 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-14 Installation Proceeds Note When the CSA MC installation completes, an agent installa tion automaticall y begins. It is recommended that an ag ent [...]

  • Página 67

    3-19 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Microsoft SQL Server 2005 and 2000 Local Installation Notes Note The follow ing instructions are only intended for administrat ors choosing to install CSA MC and [...]

  • Página 68

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-20 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • In the Setup T yp e installation windo w , choose the Ty p i c a l radio bu tton and in the Destin ation Folder section, clic k the various Br owse b uttons[...]

  • Página 69

    3-21 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Caution If you are installin g both CSA MC and the database to t he same machine with the provid ed Microsoft SQL Serv er Express database, y ou should install Mi[...]

  • Página 70

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-22 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Caution Y ou must install a Cisco S ecurity Agent on this remote database. This agen t should be in the foll owing gro ups: Servers-SQL Serv er, Serv ers-All ty[...]

  • Página 71

    3-23 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview • (SQL Server 2005 - only instruction) Right -click on the server name and vie w Properties. On the left side of the Properties panel, click Permissi ons. In th[...]

  • Página 72

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-24 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Once this is configured, you can be gin the CSA MC instal lation. Before be ginning, e xit any other programs you ha v e running on the system where you are ins[...]

  • Página 73

    3-25 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-15 CSA MC EULA License Agr eem ent Step 5 The installation asks if you are up grading from a V5.0 Management Center . In this case, click No to contin u[...]

  • Página 74

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-26 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 • Name of the server • Name of the database • Login ID • Password Figur e 3-1 7 Remote D atabase Infor mation Step 7 Once you enter the databa se infor[...]

  • Página 75

    3-27 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-18 Installation Dir ectory Step 9 Y ou are n ext prompted t o enter Administrator Name and Passw ord informat ion. This the user name and password you w[...]

  • Página 76

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-28 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-19 Enter Ad ministrator Name and P a sswor d Y ou are n ext prompted t o select whether or not you w ant the system to automatically reboot once the [...]

  • Página 77

    3-29 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-21 Begin Install The install then proceeds copying the necessary files to your system (see Figure 3-22 ).[...]

  • Página 78

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-30 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-22 Copy Files Once the copying i s complete, the inst allation begi ns config uration and setup tasks. See Figure 3-23 .[...]

  • Página 79

    3-31 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-23 Installation Proceeds Note When the CSA MC installation completes, an agent installa tion automaticall y begins. It is recommended th at an agent pro[...]

  • Página 80

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-32 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Installing CSA MC with a Previous Version’s Database (Same System Installation) This section addresses the procedure for backing up and importing a 5.0 d atab[...]

  • Página 81

    3-33 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-24 CSA MC Installa tion Welcome Scr een Step 5 After you click Ne xt in the welcome screen, various system checks are performed before the system instal[...]

  • Página 82

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-34 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-25 CSA MC EULA License Agr eem ent Step 7 The installation asks if you are up grading from a V5.0 Management Center . In this case, click Ye s to con[...]

  • Página 83

    3-35 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-27 Select V5.0 D atabase T ype Step 9 If you select Local Database, you are n ext ask ed to browse to the loca tion of the backed-up V5.0 database. Once[...]

  • Página 84

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-36 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-28 Br owse t o Back ed-up V5.0 Database Step 10 Once the V 5.0 local or remote dat abase is locate d, the instal lation will p roceed to install CSA [...]

  • Página 85

    3-37 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figur e 3-29 User name and Passw ord Creation for V5.1 From here, you can continue b y follo w ing the procedures detailed in Installing CSA MC with a Local Datab[...]

  • Página 86

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Local and Remo te DB Installation Overview 3-38 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Caution When installing two CSA MCs, t he first MC you install automatically becomes the polling and loggin g MC. The second MC acts as the conf iguration MC. D[...]

  • Página 87

    3-39 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents When the installation has completed and you’ ve rebooted the system, a Management Center for C[...]

  • Página 88

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents 3-40 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 3-30 CSA MC Login W indow Migration Instructions The follo wing section con tains information for migrating to CSA MC V5.2 fro m a pre vious[...]

  • Página 89

    3-41 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Step 1 Install the Management Center for Cisc o Security Agents V5. 2. See pre vious sections for instructi ons. • If you’ re installing CSA MC V5[...]

  • Página 90

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Accessing Management Center for Cisco Security Ag ents 3-42 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Step 5 Next you copy the migration_data_ export.xml and all the migration_host_data<number>.dat f iles from the V5.x or V4.x system to your V5[...]

  • Página 91

    3-43 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Note Agent kits are configuration items that do not migrate to th e new v ersion. Because host migration does not relate to agent k its, old agents ki[...]

  • Página 92

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Initiating Secure Communications 3-44 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Upgrade Note Newer v e rsions of policies are not automatically attached to the auto-enrollment groups during upgr ade. If you want to upd ate the mandatory po licies, yo[...]

  • Página 93

    3-45 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Initiating Se cure Communicati ons Figur e 3-31 Certificat e Infor mation[...]

  • Página 94

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Initiating Secure Communications 3-46 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Step 4 The first Certif icate Manage r Import pa ge contains an overvie w of ce rtificate information. Click Next to continu e. Step 5 From the Select a Certif icate Sto[...]

  • Página 95

    3-47 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Initiating Se cure Communicati ons Step 6 Y ou’ ve no w imported your certif icate for the serv er . Click the Finish button ( Figure 3-33 ) to continue. Figur e 3-33 Certificat e Wizard Finish P age[...]

  • Página 96

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Internet Explorer 7.0: Importing th e Root Certificate 3-48 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Step 7 Now , you must save the certif icate. Click the Ye s but ton in the Root Certif icate Store box. Step 8 Y ou are n ext prompted w ith a conf [...]

  • Página 97

    3-49 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Uninstalling Management Center fo r Cisco Security Agents Figur e 3-34 Inter net Explorer 7 .0 Certificat e Screen Uninstalling Management Center for Cisco Security Agents Uninstall the CSA MC software as[...]

  • Página 98

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Copying Cisco Trust Agent Installer Files 3-50 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Note Uninstalling CSA MC does not uninst all the Microsoft SQL Serv er Desktop Engine (database). Y ou m ust uninstall this separately from the Control P anel>[...]

  • Página 99

    3-51 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 3 Installing the Management Center for Cisco Security Agents Copying Cisco Trust A gent Installer Files double-click the CtaAdminEx- xxx-xxx**.e xe f ile and agree to the EULA (license) to e xtract the ctasetup-xxx-xx x.msi file. It is this msi f ile that you copy [...]

  • Página 100

    Chapter 3 Installing the Managem ent Center for Cisco Security Agents Copying Cisco Trust Agent Installer Files 3-52 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01[...]

  • Página 101

    CH A P T E R 4-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 4 Quick S t art Configuration Overview This chapter pro vides the basic setup information you need to start using the Management Center for Ci sco Security Agents to conf igure some preliminary groups and b uild agent kits. The goal of this chapter is to help y[...]

  • Página 102

    Chapter 4 Quick Start Config uration Access Management Cent er for Cisco Security Ag ents 4-2 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 • Config ure a Rule Module, page 4-1 2 • Config ure a Policy , page 4-18 • Attach a Rule Module to a Polic y , page 4-19 • Attach a Policy to a Group, page 4- 19 • Generate R[...]

  • Página 103

    4-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Access Management Center fo r Cisco Security Agents Administrator Roles in CSA MC Administrators can ha ve dif ferent le vels of CSA MC d atabase access pri vileges. The initial administrator cr eated b y the CSA MC insta llati on aut oma[...]

  • Página 104

    Chapter 4 Quick Start Config uration Cisco Security Agent Policies 4-4 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Cisco Security Agent Policies CSA MC default Cisco Secu rity Agent kits, groups, policies, and co nfigu ration v ariables are designed to provi de a high lev el of security coverage for deskt ops and servers[...]

  • Página 105

    4-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Group Configure a Group Host groups reduce the admini strati ve b u rden of ma naging a large number of agents. Grouping hosts t ogether also lets you apply th e same policy to a number of hosts. A group is the only element re[...]

  • Página 106

    Chapter 4 Quick Start Config uration Configure a Gro up 4-6 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 4-1 Gr oup Configuration V iew Step 4 Cisco suggests that you select the Te s t M o d e checkbox (av ailable from the Rule overrides section) for this group. In T est Mode, the po licy we will lat er apply to [...]

  • Página 107

    4-7 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Build an Agent Kit Build an Agent Kit Note The Manageme nt Center for C isco Security Age nts ships with preconfigured agent kits you can use to download and in stall agents if the y meet your initial needs (accessible from System>Agen[...]

  • Página 108

    Chapter 4 Quick Start Config uration Build an Agent Kit 4-8 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 T o create a Cisco Security Agent kit, d o the follo wing. Step 1 Move the mouse o ver Systems in the menu bar and select Ag ent Kits from the drop-do wn menu that appears. The agen t kit list vie w displays the precon[...]

  • Página 109

    4-9 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Build an Agent Kit Figur e 4-2 Creat e Agent Kit Once you click the Mak e Kit b utton and generat e ru les, CSA MC p roduces a kit for distrib ution (see Figure 4-3 ). Y ou m ay distrib ute the kit do wnload URL, via email for e xample, t[...]

  • Página 110

    Chapter 4 Quick Start Config uration Build an Agent Kit 4-10 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Note Note that the Re gistration Control feature also applies to the https://<sy stem name>/csamc52/kits URL. If th e Registration Control feature (see the User Guide for details on the feature) prevents your I[...]

  • Página 111

    4-11 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Build an Agent Kit The Cisco Security Agent • Users must hav e administrator pri vile ges on their sy stems to install the Cisco Security Agent software. • The Cisco Security A gent installs on supported Wi ndows, Linux, and Solaris [...]

  • Página 112

    Chapter 4 Quick Start Config uration View Registered Hosts 4-12 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 View Registered Hosts From CSA MC, you can see which hosts ha ve successfully re gistered b y accessing Hosts from the Systems link in the menu bar . This take s you to the Hosts list page. On t he right side of th[...]

  • Página 113

    4-13 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Ru le Module This quarantine list u pdates automatically (dynamically) as logged quarantined files are recei ved. Y ou can use a file acce ss control rule to permanently qu arantine a kno wn virus as sho wn in this examp le. [...]

  • Página 114

    Chapter 4 Quick Start Config uration Configure a Rule Mo dule 4-14 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 4-5 Rule Module Cr eation View Create a File Ac cess Control Rule Step 1 From the Rule Module configurati on page ( Figure 4-5 ), click the Modify rules link at the top o f the page. Y ou are no w on th[...]

  • Página 115

    4-15 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Ru le Module Figur e 4-6 Add Rules to Module Step 4 In the File access control ru le configuration vie w (see Figure 4-7 ), enter the follo wing information: • Description —Quarantined a nd Suspected V iru s Applications,[...]

  • Página 116

    Chapter 4 Quick Start Config uration Configure a Rule Mo dule 4-16 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Step 6 Select the Log checkbox. This means that the system action in que stion is l ogged and se nt to the server . Generally , you will want to turn logging on for all den y rules so you can mo nitor e vent act[...]

  • Página 117

    4-17 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Ru le Module Figur e 4-7 File A ccess Contro l Rule[...]

  • Página 118

    Chapter 4 Quick Start Config uration Configure a Policy 4-18 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Configure a Policy Generally , when you configure a poli cy , you are co mbining multiple rule modules under a common name. That polic y name is th en attach ed to a grou p of hosts an d it uses the rules that compris[...]

  • Página 119

    4-19 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Policy Attach a Rule Module to a Policy T o apply our configured email quarantine rule module to the p olicy we’ ve created, do the following. Step 1 From Policy edit view , click the Modify rule module associations link. T[...]

  • Página 120

    Chapter 4 Quick Start Config uration Configure a Policy 4-20 Installing Management Ce nter for Cisco Security Agents 5. 2 78-17916-01 Figur e 4-8 Att ach P olicy to Group Generate Rule Programs No w that we’ ve conf igured our policy and attached it to a group , we’ll ne xt distrib ute the polic y to the agents that are part of the group. W e d[...]

  • Página 121

    4-21 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Chapter 4 Quick Start Configuration Configure a Policy Figur e 4-9 Gen erat e Rule Prog ram s Y ou can ensure that agents hav e received this polic y by clicking Hosts (accessible from Systems in the men u bar) and viewing the individual host status views. Click the Refres[...]

  • Página 122

    Chapter 4 Quick Start Config uration Configure a Policy 4-22 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Refer to the User Guide to read about the conf iguration tasks described here in more detail.[...]

  • Página 123

    A-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 APPENDIX A Cisco Security Agent Inst allation and Overview Overview This chapte r de s cr ibes the Cisc o Se cu rity Agent and pro vides information on the agent user interface. It al so includes installation i nformation for W indo ws, Linux, and Solaris agents. (This inf [...]

  • Página 124

    Appendix A Cisco Security Agent Installation an d Overview Downloading an d Installing A-2 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Downloading and Installing Once you bu ild an agent kit on CSA MC, you deli ver the generated URL, via email for exam ple, to end users so that the y can download and instal l the Cisco S[...]

  • Página 125

    A-3 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix A Cisco Security Agent Installation and Overview Downloading and Installin g Figur e A -1 Optional Ag ent Reboot If a system is no t rebooted follo wing the agent installation, the fol lowi ng functionality is not immediately a vailable. (This functionali ty becomes[...]

  • Página 126

    Appendix A Cisco Security Agent Installation an d Overview Downloading an d Installing A-4 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 After installation, the agent au tomatically and tran sparently re gisters with CSA MC. Y ou can see which hosts ha ve successfully registered b y clicking the Host s link a v ailable fro[...]

  • Página 127

    A-5 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix A Cisco Security Agent Installation and Overview Downloading and Installin g • Allow user to modify agent security settings —Sel ecting this checkbox in the Agent UI control rule pro vides System Security and Untrusted Applications feat ures. • Allow user to m[...]

  • Página 128

    Appendix A Cisco Security Agent Installation an d Overview Installing the Solaris Agent A-6 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Installing the Solaris Agent This section details t he commands you enter and the subsequent o utput that is displayed when you inst all the Cisco Security Agent on Solaris systems. Note[...]

  • Página 129

    A-7 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix A Cisco Security Agent Installation and Overview Installing the Solaris Agent Step 5 Answer yes (y) to continu e the installation. This package contains scripts which will be executed with super-user permission during the process of installing this package. Do you w[...]

  • Página 130

    Appendix A Cisco Security Agent Installation an d Overview Installing the Linux Age nt A-8 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Caution If you are upgr ading the Solaris agent and you encount er the follo wing error , "There is already an instance of the package and you cannot install due to administrator rul[...]

  • Página 131

    A-9 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix A Cisco Security Agent Installation and Overview Installing the Linux Agent Step 2 Untar the file. $ cd /tmp $ tar xvf CSA-Server_V5.2.0.218-lin-setup-1a96 9c667ddb0a2d2a8da3e7959 a30b2.tar Step 3 cd to CSCOcsa directory wher e the rpm package is located. $ cd /tmp/[...]

  • Página 132

    Appendix A Cisco Security Agent Installation an d Overview Installing the Linux Age nt A-10 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Caution On Linux systems, if yo u upgrade the k ernel versio n or boot a dif ferent kernel versio n than the initial v ersion where the agent wa s installed, you must uninstall and reins[...]

  • Página 133

    B-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 APPENDIX B Third Party Copyright Notices Cisco Security Agent utilizes third party softw are from v arious sources. Portions of this softwar e are copyrighted b y their respecti ve o wners as indicated in the copyright notices be low . OPENSSL [version 0.9.7L] Copyright (c)[...]

  • Página 134

    Appendix B Third Party Copy right Notices B-2 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 6. Redistrib utions of any form what soe ver must retain the fol lowing ackno wledgment: "This product includes so ftware d e v elo ped b y the OpenSSL Pr oject for use in the OpenSSL T oolkit (http://www .openssl.or g/)" [...]

  • Página 135

    B-3 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices Copyright remain s Eric Y oung’ s, and as su ch any Co pyright notices i n the code are not to be remov ed. If this package is used in a product, Eric Y oung should be gi v e n attrib ution as the author of the parts of th e librar[...]

  • Página 136

    Appendix B Third Party Copy right Notices B-4 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 A pache [version 2.0.59], Xerc es 2.7 and AxisCpp 1.6 Copyright © 2000-2005 The Apache Softwa re Foundation. All rights re served. Apache Lice nse V ersion 2.0, January 2004 http://www .apache.or g/licenses/ TERMS AND CONDITION S F[...]

  • Página 137

    B-5 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices whole, an original work of authorship . For the purposes o f this License, Deri v ativ e W orks shall not includ e wo rks that remain separable from, or merely link (or bind b y name) to the interf aces of, the W ork and Deriv ative [...]

  • Página 138

    Appendix B Third Party Copy right Notices B-6 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 contrib utory patent infringement, then an y patent licenses granted to Y ou under this License for that W ork sh all terminate as of the date such litigation is f iled. 4. Redistrib ution. Y ou may reproduce and distrib ute copies [...]

  • Página 139

    B-7 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices without an y additional terms or cond itions. Notwit hstanding the abo ve, nothing herein sh all supersede or modify the terms o f any separate license agreement you may ha ve ex ecuted with Licensor re garding such Contrib utions. 6[...]

  • Página 140

    Appendix B Third Party Copy right Notices B-8 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 TCL license This software is cop yrighted by the Re ge nts of the Univ ersity of California, Sun Microsystems , Inc., Scriptics Corpo ration, and other parti es. The following terms apply to all f iles associated with the softw are [...]

  • Página 141

    B-9 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices foregoin g, the authors grant th e U.S. Gov ernment and others actin g in its behalf permission to use and distrib ute the software in accordance with the terms specified in this license. Perl Copyright 1987 -2005, Larry W all Perl m[...]

  • Página 142

    Appendix B Third Party Copy right Notices B-10 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 IN CONTRA CT , STRICT LI ABILITY , OR TOR T (INCLUDI NG NEGLIGENCE OR OTHER WISE) ARISING IN ANY W A Y OUT OF THE USE OF THIS SOFTW ARE, EVEN IF AD VISED OF THE POSSIBILITY OF SUCH DA M AG E . CMU-SNMP Libraries This product contai[...]

  • Página 143

    B-11 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices licensing terms described here. If modif ications to this Software and Documentation ha ve new licensin g terms, the new te rms must be clearly indicated on the f irst page of each f ile where they ap ply . OPEN MARKET MAKES NO EXPR[...]

  • Página 144

    Appendix B Third Party Copy right Notices B-12 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 THE SOFTW ARE IS PR O VIDED "AS IS", WITHOUT W ARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NO T LIMITED TO THE W ARRANTIES OF MERC HANT ABILITY , FITNESS FOR A P AR TICULAR PURPOSE AND NONINFRIN GEMENT OF THIRD[...]

  • Página 145

    B-13 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices a. Installation and Use. Y o u may install and use an y number of copies of the software on your de vices. b. Included Microsoft Programs. The software con tains oth er Microsoft programs. These license terms apply to your use of th[...]

  • Página 146

    Appendix B Third Party Copy right Notices B-14 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 • include Distribu table Code in malicious, decepti ve or unla wful programs; or • modify or distrib ute the source code of any Distrib u table Code so that any part of i t becomes subject to an Excluded Licen se. An Excluded L[...]

  • Página 147

    B-15 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices 7. TRANSFER TO A THIRD P AR TY . The first user of the software may transfer it and this agreemen t directly to a third party . Before the transfer , that party must agree t hat this agreement applies to the transfer and use of the [...]

  • Página 148

    Appendix B Third Party Copy right Notices B-16 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 MICR OSOFT EXCLUDES THE IMPLIED W ARRANTIES OF MERCHANT ABILITY , FITNESS FOR A P AR TICULAR PURPOSE AND NON-INFRINGEMENT . 14. LIMIT A TION ON AND EXCLUSION OF REMEDIES AND D AMAGES. Y OU CAN RECO VER FR OM MICR OSOFT AND ITS SUPP[...]

  • Página 149

    B-17 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices By using this supplemen t, you accept these terms. If you do n ot accept them, do not use thi s supplem ent. If you comply wi th these li cense te rms, you h av e the rights belo w . 1. SUPPOR T SER VICE S FOR SUPPLEMENT . Microsoft[...]

  • Página 150

    Appendix B Third Party Copy right Notices B-18 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 the right to disclose the results of benchmark tests it conducts of your products that comp ete with the .NET Componen t, provided i t complies with the same conditions abo ve. MarshallSoft Computing SMTP/POP3 Email Engine License [...]

  • Página 151

    B-19 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices Everyone is permi tted to copy and distri bute v erbatim copies of this license document, b ut changing it is not allo wed. [This is the fir st released version o f the Lesser GPL. It also counts as the successor of the GNU Library [...]

  • Página 152

    Appendix B Third Party Copy right Notices B-20 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 T o protec t each distributor , we want to ma ke it v ery clear that there is no warranty for the free libr ary . Also, if the library i s modifi ed by someone el se and passed on, the recipients should know that what they hav e is[...]

  • Página 153

    B-21 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices In other cases, permission to use a partic ular library in non -free programs enables a greater number of people to use a large body of free software. F o r example, permission to use the GNU C Libr ary in non-free programs enables [...]

  • Página 154

    Appendix B Third Party Copy right Notices B-22 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 Acti vities other than cop ying, distrib ution and modif ication are not covered b y this License; they are outsid e its scope. The act of running a program using the Library is not restricted , and output from such a program is co[...]

  • Página 155

    B-23 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices These requirements apply to the m odifi ed work as a whole. I f identif iable sections of that wo rk are not deri ved from the Library , and can be reasonably considered independent and separate work s in themselves, then this Licen[...]

  • Página 156

    Appendix B Third Party Copy right Notices B-24 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 5. A program that con tains no deri vati ve of an y portion of the Library , but is designed to w ork with the Libr ary b y being compiled or link ed wit h it, is called a "work that uses the Library". Such a work , in is[...]

  • Página 157

    B-25 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices ex ecutable linked wi th the Library , with the c omplete mach ine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to pr oduce a modif ied e[...]

  • Página 158

    Appendix B Third Party Copy right Notices B-26 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 a) Accompany the comb ined library with a copy of the same work based on the Library , uncombined with an y other library facilities. This must be distrib uted under the terms of the Sections ab ov e. b) Giv e prominent notice with[...]

  • Página 159

    B-27 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices It is not the purpose of this sect ion to induce you to infr inge any patents or ot her property right claims or to con test vali dity of any such claims; this section has the sole purpose of protecti ng the integrit y of the free s[...]

  • Página 160

    Appendix B Third Party Copy right Notices B-28 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 THE COPYRIGHT HOLDERS AND/OR O THER P AR TIES PR O VIDE THE LIBRAR Y "AS IS" WITH OUT W ARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NO T LIMITED TO, THE IMPLIED W ARRANTIES O F MERCHANT ABILITY AND FI[...]

  • Página 161

    B-29 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices This library is free software; you can re distrib ute it and/or modify it under the terms of the GNU Lesser General Public Licen se as published b y the Free Software F oundation; either v ersion 2.1 of the License, o r (at your opt[...]

  • Página 162

    Appendix B Third Party Copy right Notices B-30 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 1.4. "Electronic Distrib ution Mechanism" means a mechanism generally accepted in the software dev e lopment community for the electronic transfer of data. 1.5. "Exe cu table" means Cov ered Code in any form oth[...]

  • Página 163

    B-31 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices 1.12. "Y ou" (or "Y our") means an individual o r a legal en tity ex ercising rights under , and complying with all of the terms of, this License or a future version of this License issued under Section 6.1. F or[...]

  • Página 164

    Appendix B Third Party Copy right Notices B-32 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 (b) under P atent Claims infringed by the maki ng, using, or selling of Modifi cations made b y that Contrib utor either al one and/or in combination with its Co ntrib utor V ersion (or por tions of such combination), to mak e, use[...]

  • Página 165

    B-33 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices av ailable to such recipients. Y ou are re sponsible for ensuring that the Source Code version remains a vailable e v en if the El ectronic Dist rib ution Mechanism is maintained b y a third party . 3.3. Description of Mo dification[...]

  • Página 166

    Appendix B Third Party Copy right Notices B-34 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 also duplicate this License in any do cumentation for the Source Code where Y ou describe recipients' r ights o r o wne rship rights relating to Co v ered Code. Y ou may choose t o of fer , and to charge a fee for , warranty ,[...]

  • Página 167

    B-35 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices affect. Su ch description must be included i n the LEGAL file describ ed in Section 3.4 and must be includ ed with all distrib utions of the Source Code. Except to the e xtent prohibited by statute or regulation, such descriptio n m[...]

  • Página 168

    Appendix B Third Party Copy right Notices B-36 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 MERCHANT ABLE, FIT FOR A P AR TICULAR PURPOSE OR NON-INFRINGING. THE ENTIR E RISK AS TO THE QU ALITY AND PERFORMANCE OF THE C O VERED CODE IS WITH Y OU. SHOULD ANY CO VERED CODE PR O VE DEFECTIVE IN ANY RESPECT , YOU (NO T THE INIT[...]

  • Página 169

    B-37 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices 8.3. If Y ou assert a patent infringement claim against Participant alle ging that such Parti cipant's Contribut or V ersion directly or indirectly i nfringes any patent wher e such claim is resolved (such as by license or se t[...]

  • Página 170

    Appendix B Third Party Copy right Notices B-38 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 This License represents the complete agreement concerning subje ct matter hereof. If any pro vision of this License is held to be unenforceable, such provision sh all be reformed only to the e xtent necessary to make it enforceable[...]

  • Página 171

    B-39 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices The Initial De veloper of the Original Code is ____ ________________ ____. Portions created b y ______________________ are Cop yright (C) ______ ____________ ___________. All Righ ts Reserved. Contrib utor(s): __ ________________ __[...]

  • Página 172

    Appendix B Third Party Copy right Notices B-40 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 provid ed to you b y Sun under t his Agreement. "Programs" mean Ja v a applets and applications intended to run o n the Jav a Platform, Standard Edition (Ja v a SE) on Jav a-enabled general purpose desktop com puters and [...]

  • Página 173

    B-41 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices 6. LIMIT A TION OF LIABILITY . TO THE EXTENT NO T PROHIBITED BY LA W , IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PR OFIT OR DA T A , OR FOR SPECIAL, INDIRECT , CONSEQUENTIAL, INC IDENT AL OR PUNITIVE D AM[...]

  • Página 174

    Appendix B Third Party Copy right Notices B-42 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01 in accordance with 48 CFR 227.7201 through 2 27.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.21 2 (for non-DOD acquisitions). 11. GO VERNING LA W . Any action related t o this Agreement will be[...]

  • Página 175

    B-43 Installing Management Center for Cisco Security Agents 5.2 78-17916-01 Appendix B Third Party Copyr ight Notices you distrib ute the Software complete and unmodif ied and only bundled as part of, and for the sole purpose of runni ng, your Programs, (ii) the Progr ams add signif icant and primary functional ity to the Softwa re, (iii) you do no[...]

  • Página 176

    Appendix B Third Party Copy right Notices B-44 Installing Management Center fo r Cisco Security Agents 5.2 78-17916-01[...]

  • Página 177

    IN-1 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 INDEX A Active hosts 4-12 Add rule 4-14 Administrator local or LDA P authent ication 4-3 roles 4-3 Agent kits 4-7 optional reboot after install A-3 registration 4-7 user interface A-4 Agent (Linux) installing A-8 Agent (Solaris) installing A-6 migrating from V4.x 3-43 Agen[...]

  • Página 178

    Index IN-2 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 D Deployment overview 1-2 Detailed de scriptio n 4-4 Distributed configu ration 3-38 DNS environment s 1-9 F File access control rule 4-14 FireFox version support 1-10 Force reboot after inst all 4-8 G Generate rules 4-20 Generating confi gurations 4-20 Group configu[...]

  • Página 179

    IN-3 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Index Windows XP 1-14 Internet Explorer version support 1-9 L Licensing import infor mation 3-18, 3-31 Licensing information 3-2 Local database install 3-6 Log installati on 3-38 Login locally 3-39 remotely 3-39 M Make kit 4-8 Migrate to CSA MC, new version 3-40 migration_[...]

  • Página 180

    Index IN-4 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01 Q Quick start setup 4-1 R Reboot opti onal agent A-2, A-3 Registered hosts view 4-12 Remote access 3-39, 4-2 Remote database install 3-7 Requirements agent 1-5 cluster support 1-11 DNS and WINS 1-9 port availa bility 1-10 server 1-3 time and date settings 1-10 web br[...]

  • Página 181

    IN-5 Installing Management Center for Cisco Se curity Agents 5.2 78-17916-01 Index remote db and CSA MC system 3-21 Two servers 2-3 U Uninstall CSA MC 3-49 UNIX agent i nstall directo ry A-7 Upgrade n aming conven tions 3-42 V Verbose logging mode 4-6 Version labels 3-42 W Web-based user interface 1-2, 1-17 Web browser requirements 1-9 Windows Clus[...]

  • Página 182

    Index IN-6 Installing Management Center for Cisco Security Agents 5. 2 78-17916-01[...]