Cisco Systems DOC-78-17916 User Manual
Size:
5.05 Mb
Download

Installing Management Center for Cisco Security Agents 5.2

Americas Headquarters

Cisco Systems, Inc. 170 West Tasman Drive

San Jose, CA 95134-1706USAhttp://www.cisco.com Tel: 408526-4000

800 553-NETS(6387) Fax: 408527-0883

Customer Order Number: DOC-78-17916

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the Univers ity of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMEDSUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

CCVP, the Cisco Logo, and the Cisco Square Bridge logo are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iPhone, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, LightStream, Linksys, MeetingPlace, MGX, Networking Academy, Network Registrar, Packet, PIX, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StackWise, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0609R)

Installing Management Center for Cisco Security Agents 5.2

Copyright © 2007 Cisco Systems, Inc. All rights reserved.

C O N T E N T S

 

 

Preface v

 

 

 

 

 

 

 

 

 

Audience 1-v

 

 

 

 

 

 

 

 

 

Conventions 1-vi

 

 

 

 

 

 

 

 

 

Obtaining Documentation

1-vii

 

 

 

 

 

 

 

Cisco.com 1-vii

 

 

 

 

 

 

 

 

 

Product Documentation DVD

1-vii

 

 

 

 

 

Ordering Documentation 1-viii

 

 

 

 

 

Documentation Feedback

1-viii

 

 

 

 

 

 

 

Cisco Product Security Overview

 

1-viii

 

 

 

 

 

Reporting Security Problems in Cisco Products

1-ix

 

 

Product Alerts and Field Notices

1-x

 

 

 

 

 

Obtaining Technical Assistance

1-x

 

 

 

 

 

Cisco Support Website

1-x

 

 

 

 

 

 

 

Submitting a Service Request

1-xi

 

 

 

 

 

Definitions of Service Request Severity 1-xii

 

 

 

 

 

Obtaining Additional Publications and Information

1-xiii

 

Preparing to Install

 

 

 

 

 

 

C H A P T E R 1

1-1

 

 

 

 

 

 

 

How the Cisco Security Agent Works 1-1

 

 

 

 

 

Cisco Security Agent Overview

1-2

 

 

 

 

 

Before Proceeding 1-3

 

 

 

 

 

 

 

 

 

System Requirements 1-3

 

 

 

 

 

 

 

 

 

Environment Requirements

1-9

 

 

 

 

 

 

 

 

 

 

 

 

Book Title

 

 

 

 

 

 

 

 

 

 

 

78-17916-01

 

 

 

 

 

 

 

i

 

 

 

 

 

 

 

 

Contents

 

 

DNS and WINS Environments

1-9

 

 

Browser Requirements 1-9

 

 

 

Time and Date Requirements

1-10

 

 

Port Availability

1-10

 

 

 

 

Windows Cluster Support

1-11

 

 

Internationalization Support 1-11

 

 

 

Internationalization Support Tables 1-12

 

 

About CSA MC 1-17

 

 

 

 

 

 

Deployment Planning

 

 

 

C H A P T E R

2

2-1

 

 

 

 

Overview 2-1

 

 

 

 

 

 

Piloting the Product

2-2

 

 

 

 

Running a Pilot Program

2-2

 

 

 

Scalable Deployments

2-3

 

 

 

 

Hardware Sizing

 

2-3

 

 

 

 

Software Considerations

2-5

 

 

 

Configuration Recommendations for Scalability 2-5

 

 

Factors in Network Sizing

2-6

 

 

 

Factors in Database Sizing 2-7

 

 

Policy Tuning and Troubleshooting

2-7

 

 

Overall Guidelines

2-7

 

 

 

 

Using Test Mode

2-10

 

 

 

 

Disabling Specific Rules

2-11

 

 

 

Caching and Resetting Query Responses 2-12

 

 

Setting Up Exception Rules 2-13

 

 

Installing the Management Center for Cisco Security

C H A P T E R

3

 

 

Agents 3-1

 

 

 

 

Overview 3-1

Book Title

ii

78-17916-01

 

 

System
3-37

Contents

Licensing Information 3-2

Installing V5.2 and Migrating Configurations and Hosts from Previous

Versions 3-3

Installation and Migration Overview 3-3

Local and Remote DB Installation Overview 3-6

Installing CSA MC with a Local Database 3-8

Installing CSA MC with a Remote Database 3-21

Installing CSA MC with a Previous Version’s Database (Same

Installation) 3-32

Note for installing two CSA MCs on two separate machines

Installation Log 3-38

 

 

Accessing Management Center for Cisco Security Agents

3-39

 

 

 

 

Migration Instructions 3-40

 

 

 

 

 

 

Initiating Secure Communications

3-44

 

 

 

 

 

Internet Explorer 7.0: Importing the Root Certificate 3-48

 

 

 

 

 

Uninstalling Management Center for Cisco Security Agents

3-49

 

 

 

 

Copying Cisco Trust Agent Installer Files 3-50

 

 

 

 

Quick Start Configuration

 

 

 

 

C H A P T E R 4

4-1

 

 

 

 

 

Overview 4-1

 

 

 

 

 

 

 

 

Access Management Center for Cisco Security Agents 4-2

 

 

 

 

 

Administrator Roles in CSA MC 4-3

 

 

 

 

 

Administrator Authentication

4-3

 

 

 

 

 

Cisco Security Agent Policies

4-4

 

 

 

 

 

 

Configure a Group

4-5

 

 

 

 

 

 

 

Build an Agent Kit

4-7

 

 

 

 

 

 

 

The Cisco Security Agent

4-11

 

 

 

 

 

 

View Registered Hosts 4-12

 

 

 

 

 

 

 

Configure a Rule Module 4-12

 

 

 

 

 

 

 

 

 

 

Book Title

 

 

 

 

 

 

 

 

 

78-17916-01

 

 

 

 

 

 

iii

 

 

 

 

 

 

 

Contents

Configure a Policy 4-18

 

Attach a Rule Module to a Policy 4-19

Attach a Policy to a Group

4-19

Generate Rule Programs

4-20

 

 

Cisco Security Agent Installation and Overview A-1

A P P E N D I X

A

 

 

Overview A-1

 

 

 

Downloading and Installing

A-2

 

 

The Cisco Security Agent User Interface A-4

 

 

Installing the Solaris Agent

A-6

 

 

Installing the Linux Agent A-8

 

 

Third Party Copyright Notices

 

A P P E N D I X

B

B-1

Book Title

iv

78-17916-01

 

 

Preface

This manual describes how to configure the Management Center for Cisco Security Agents on Microsoft Windows 2003 operating systems and the Cisco Security Agent on supported Microsoft Windows 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows NT, Sun Solaris 9, Sun Solaris 8, RedHat Enterprise Linux 4.0, and RedHat Enterprise Linux 3.0 operating systems.

In addition to the information contained in this manual, the release notes contain the latest information for this release. Note that this manual does not provide tutorial information on the use of any operating systems.

Audience

This manual is for system managers or network administrators who install, configure, and maintain Management Center for Cisco Security Agents software. Installers should be knowledgeable about networking concepts and system management and have experience installing software on Windows operating systems.

Installing Management Center for Cisco Security Agents 5.2

 

78-17916-01

v

 

Preface

Conventions

Conventions

This manual uses the following conventions.

Convention

Purpose

Example

 

 

 

Bold text

User interface field names and

Click the Groups option. The

 

menu options.

Groups edit page appears.

 

 

 

Italicized text

Used to emphasize text.

You must save your

 

 

configuration before you can

 

 

deploy your rule sets.

 

 

 

Keys connected

Keys pressed simultaneously.

Ctrl+Alt+Delete

by the plus sign

 

 

 

 

 

Keys not

Keys pressed sequentially.

Esc 0 2 7

connected by plus

 

 

signs

 

 

 

 

 

Monospaced

Text displayed at the command

>ping www.example.com

font

line.

 

Tip Identifies information to help you get the most benefit from your product.

Note Meansreader take note. Notes identify important information that you should reflect upon before continuing, contain helpful suggestions, or provide references to materials not contained in the document.

Caution Meansreader be careful. In this situation, you might do something that could

result in equipment damage, loss of data, or a potential breach in your network security.

Installing Management Center for Cisco Security Agents 5.2

vi

78-17916-01