Cisco Systems DOC-78-17916 User Manual
Installing Management Center for
Cisco Security Agents 5.2
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Customer Order Number: DOC-78-17916
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT
NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT
ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR
THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTW ARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FOR TH IN THE INFORMATION
PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO
LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as
part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILE S AND SOFTWARE OF THESE SUPPLIERS ARE
PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED
OR
IMPLIED, INCLUDING, WITHOUT L IMITATION, THO SE OF MERCHAN TABILITY, FITNESS F OR A PARTICULAR PURPOSE AND
NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LI ABLE F OR ANY IN DIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL
DAMAGES, INCLUDING, WITHOUT LIMITAT ION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR
INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
CCVP, the Cisco Logo, and the Cisco Square Bridge logo are tradem arks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn
is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco,
the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity,
Enterprise/Solver, EtherChannel, EtherFast, Ether Switch, Fast Step, Follow Me B rowsing, FormShare, Gig aDrive, GigaStack, HomeLi nk, Internet
Quotient, IOS, IP/TV, iPhone, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, LightStream, Linksys, MeetingPlace, MGX,
Networking Academy, Network Registrar, Packet, PIX, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StackWise, The Fastest Way
to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain
other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0609R)
Installing Management Center for Cisco Security Agents 5.2
Copyright © 2007 Cisco Systems, Inc. All rights reserved.
CONTENTS
Preface v
Audience 1-v
Conventions 1-vi
Obtaining Documentation 1-vii
Cisco.com 1-vii
Product Documentation DVD 1-vii
Ordering Documentation 1-viii
Documentation Feedback 1-viii
Cisco Product Security Overview 1-viii
Reporting Security Problems in Cisco Products 1-ix
Product Alerts and Field Notices 1-x
Obtaining Technical Assistance 1-x
Cisco Support Website 1-x
Submitting a Service Request 1-xi
Definitions of Service Request Severity 1-xii
Obtaining Additional Publications and Information 1-xiii
CHAPTER
78-17916-01
1 Preparing to Install 1-1
How the Cisco Security Agent Works 1-1
Cisco Security Agent Overview 1-2
Before Proceeding 1-3
System Requirements 1-3
Environment Requirements 1-9
Book Title
i
Contents
DNS and WINS Environments 1-9
Browser Requirements 1-9
Time and Date Requirements 1-10
Port Availability 1-10
Windows Cluster Support 1-11
Internationalization Support 1-11
Internationalization Support Tables 1-12
About CSA MC 1-17
CHAPTER
CHAPTER
2 Deployment Planning 2-1
Overview 2-1
Piloting the Product 2-2
Running a Pilot Program 2-2
Scalable Deployments 2-3
Hardware Sizing 2-3
Software Considerations 2-5
Configuration Recommendations for Scalability 2-5
Factors in Network Sizing 2-6
Factors in Database Sizing 2-7
Policy Tuning and Troubleshooting 2-7
Overall Guidelines 2-7
Using Test Mode 2-10
Disabling Specific Rules 2-11
Caching and Resetting Query Responses 2-12
Setting Up Exception Rules 2-13
3 Installing the Management Center for Cisco Security
Agents 3-1
Overview 3-1
Book Title
ii
78-17916-01
Licensing Information 3-2
Installing V5.2 and Migrating Configurations and Hosts from Previous
Versions 3-3
Installation and Migration Overview 3-3
Local and Remote DB Installation Overview 3-6
Installing CSA MC with a Local Database 3-8
Installing CSA MC with a Remote Database 3-21
Installing CSA MC with a Previous Version’s Database (Same System
Installation) 3-32
Note for installing two CSA MCs on two separate machines 3-37
Installation Log 3-38
Accessing Management Center for Cisco Security Agents 3-39
Migration Instructions 3-40
Initiating Secure Communications 3-44
Internet Explorer 7.0: Importing the Root Certificate 3-48
Contents
CHAPTER
78-17916-01
Uninstalling Management Center for Cisco Security Agents 3-49
Copying Cisco Trust Agent Installer Files 3-50
4 Quick Start Configuration 4-1
Overview 4-1
Access Management Center for Cisco Security Agents 4-2
Administrator Roles in CSA MC 4-3
Administrator Authentication 4-3
Cisco Security Agent Policies 4-4
Configure a Group 4-5
Build an Agent Kit 4-7
The Cisco Security Agent 4-11
View Registered Hosts 4-12
Configure a Rule Module 4-12
Book Title
iii
Contents
Configure a Policy 4-18
Attach a Rule Module to a Policy 4-19
Attach a Policy to a Group 4-19
Generate Rule Programs 4-20
APPENDIX
APPENDIX
A Cisco Security Agent Installation and Overview A-1
Overview A-1
Downloading and Installing A-2
The Cisco Security Agent User Interface A-4
Installing the Solaris Agent A-6
Installing the Linux Agent A-8
B Third Party Copyright Notices B-1
iv
Book Title
78-17916-01
Audience
Preface
This manual describes how to configure the Management Center for Cisc o
Security Agents on Microsoft Windows 2003 operating systems and the Cisco
Security Agent on supported Microsoft Windows 2003, Microsoft Windows XP,
Microsoft Windows 2000, Microsoft Windows NT, Sun Solaris 9, Sun Solaris 8,
RedHat Enterprise Linux 4.0, and RedHat Enterprise Linux 3.0 operating
systems.
In addition to the information contained in this manual, the release notes contain
the latest information for this release. Note that this manual does not provide
tutorial information on the use of any operating systems.
This manual is for system managers or network administrators who install,
configure, and maintain Management Center for Cisco Security Agents softw are.
Installers should be knowledgeable about networking concepts and system
management and have experience installing software on Windows operating
systems.
78-17916-01
Installing Management Center for Cisco Security Agents 5.2
v
Conventions
Conventions
This manual uses the following conventions.
Convention Purpose Example
Bold text User interface field names and
menu options.
Italicized text Used to emphasize text. You m u s t save your
Keys connected
by the plus sign
Keys not
connected by plus
signs
Monospaced
font
Keys pressed simultaneously. Ctrl+Alt+Delete
Keys pressed sequentially. Esc 0 2 7
Text displayed at the command
line.
Click the Groups option. The
Groups edit page appears.
configuration before you can
deploy your rule sets.
>ping www.example.com
Preface
vi
Tip Identifies information to help you get the most bene fit from your product.
Note Means reader take note. Notes identify important information that you should
reflect upon before continuing, contain helpful suggestions, or pro vide references
to materials not contained in the document.
Caution Means read er be ca reful . In this situation, you might do something that could
result in equipment damage, loss of data, or a potential breach in your network
security.
Installing Management Center for Cisco Security Agents 5.2
78-17916-01
Preface
Obtaining Documentation
Cisco documentation and additional literature are available on Cisco.com. This
section explains the product documentation resources that Cisco offers.
Cisco.com
You can access the most current Cisco documentation at this URL:
http://www.cisco.com/techsupport
You can access the Cisco website at this URL:
http://www.cisco.com
You can access international Cisco website s at this URL:
http://www.cisco.com/public/countries_languages.shtml
Product Documentation DVD
Obtaining Documentation
78-17916-01
The Product Documentation DVD is a library of technical product docu mentation
on a portable medium. The DVD enables you to access installation, configuration,
and command guides for Cisco hardware and software products. With the DVD,
you have access to the HTML documentation and some of the PDF
the Cisco website at this URL:
http://www.cisco.com/univercd/home/home.htm
The Product Documentation DVD is created and released regularly. DVDs are
available singly or by subscription. Registered Cisco.com users can order a
Product Documentation DVD (product number DOC-DOCDVD= or
DOC-DOCDVD=SUB) from Cisco
Store at this URL:
http://www.cisco.com/go/marketplace/docstore
Installing Management Center for Cisco Security Agents 5.2
Marketplace at the Product Documentation
files found on
vii
Documentation Feedback
Ordering Documentation
You must be a registered Cisco.com user to access Cisco Marketplace. Registered
users may order Cisco documentation at the Pr odu ct Documentation Store at this
URL:
http://www.cisco.com/go/marketplace/docstore
If you do not have a user ID or password, you can register at this URL:
http://tools.cisco.com/RPF/register/register.do
Documentation Feedback
You can provide feedback about Cisco technical documentation on the
Cisco
Support site area by entering your comments in the feedback form av ailable
in every online document.
Preface
Cisco Product Security Overview
Cisco provides a free online Security Vulnerability Policy portal at this URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.h
tml
From this site, you will find information about how to do the following:
• Report security vulnerabilities in Cisco products
• Obtain assistance with security incidents that involve Cisco products
• Register to receive security information from Cisco
A current list of security advisories, security notices, and security responses for
Cisco products is available at this URL:
http://www.cisco.com/go/psirt
Installing Management Center for Cisco Security Agents 5.2
viii
78-17916-01
Preface
To se e security advisories, security notices, and security responses as they are
updated in real time, you can subscribe to t he Product Security Incident Response
Team Really Simple Syndication (PSIRT RSS) feed. Information about how to
subscribe to the PSIRT RSS feed is found at this URL:
http://www.cisco.com/en/US/products/products_psirt_rss_feed.html
Reporting Security Problems in Cisco Products
Cisco is committed to delivering secure p rod ucts. We test our products internally
before we release them, and we strive to correct all vulnerabilities quickly. If you
think that you have identified a vulnerability in a Cisco product, contact PSIRT:
• For emergencies only — security-alert@cisco.com
An emergency is either a condition in which a system is under active attack
or a condition for which a severe and urgent security vulnerability should be
reported. All other conditions are considered nonemergencies.
• For nonemergencies — psirt@cisco.com
In an emergency, you can also reach PSIRT by telephone:
• 1 877 228-7302
• 1 408 525-6532
Cisco Product Security Overview
78-17916-01
Tip W e encourage you to use Pretty Good Priv ac y (PGP ) or a compatible product (for
example, GnuPG) to encrypt any sensitive information that you send to Cisco.
PSIRT can w or k with informat ion that has been encrypted with PGP v ersions
through
9.x.
2.x
Never use a revoked encryption key or an expired encryption key. The correct
public key to use in your correspondence with PSIRT is the one linked in the
Contact Summary section of the Security Vulnerability Policy page at this
URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.h
tml
The link on this page has the current PGP key ID in use.
Installing Management Center for Cisco Security Agents 5.2
ix
Product Alerts and Field Notices
If you do not have or use PGP, contact PSIRT to find other means of encrypting
the data before sending any sensitive material.
Product Alerts and Field Notices
Modifications to or updates abou t Cisco products are annou nced in Cisco Product
Alerts and Cisco
the Product Alert T ool o n Cisco.com. This tool enable s you to create a profile and
choose those products for which you want to receive information.
To acces s the Product Alert Tool, you must be a registered Cisco.com user.
Registered users can access the tool at this URL:
http://tools.cisco.com/Support/PAT/do/ViewMyProfiles.do?local=en
To register as a Cisco.com user, go to this URL:
http://tools.cisco.com/RPF/register/register.do
Field Notices. You can receive these announcements by using
Preface
Obtaining Technical Assistance
Cisco Technical Support provides 24-hour-a-day award-winning technical
assistance. The Cisco
support resources. In addition, if you have
Cisco
Technical Assistance Center ( TAC) engineers provide telephon e support. If
you do not have a valid Cisco service contract, contact your reseller.
Cisco Support Website
The Cisco Support website provides online d ocuments and tools fo r
troubleshooting and resolving technical issues with Cisco products and
technologies. The website is available 24
http://www.cisco.com/en/US/support/index.html
Installing Management Center for Cisco Security Agents 5.2
x
Support website on Cisco.com features extensive online
a valid Cisco service contract,
hours a day at this URL:
78-17916-01
Preface
Obtaining Technical Assistance
Access to all tools on the Cisco Support website requires a Cisco.com user ID and
password. If you have a valid service contract but do not have a user ID or
password, you can register at this URL:
http://tools.cisco.com/RPF/register/register.do
Note Before you submit a request for service online or by phone, use the
Cisco
Product Identification Tool to locate your product serial number. You can
access this tool from the Cisco
Support website by clicking the Get Tools &
Resources link, clicking the All Tools (A-Z) tab, and then choosing
Cisco
Product Identification Tool from the alphabetical list. This tool offers
three search options: by
product ID or model nam e; by tree view; or, for certain
products, by copying and pasting show command output. Search results show an
illustration of your product with the serial number label location highlighted.
Locate the serial number label on your product and record the information
before placing a service call.
Tip Displaying and Searching on Cisco.com
If you suspect that the browser is not refreshing a web page, force the browser to
update the web page by holding down the Ctrl key while pressing F5.
To find technical information, narrow your search to look in technical
documentation, not the entire
the Cisco.com home page, click the Advanced
on the resulting page and then click the Technical
radio button.
Cisco.com website. After using the Search box on
Search link next to the Search box
Support & Documentation
To provide feedback about the Cisco.com website or a particular technical
document, click Contacts & Feedback at the top of any Cisco.com web page.
Submitting a Service Request
Using the online TAC Service Request Tool is the fastest way to open S3 and S4
service requests. (S3
minimally impaired or for which you require product information.) After you
describe your situation, the TAC
78-17916-01
and S4 service requests are those in which your network is
Installing Management Center for Cisco Security Agents 5.2
Service Request Tool provides recommended
xi
Obtaining Technical Assistance
solutions. If your issue is not resolved using the recommended resources, your
service request is assigned to a Cisco engineer. The TAC Service Request Tool is
located at this URL:
http://www.cisco.com/techsupport/servicerequest
For S1 or S2 service requests, or if you do not have Internet access, contact the
Cisco
production network is down or severely degraded.) Cisco engineers are assigned
immediately to S1 and S2 service requests to help keep your business operations
running smoothly.
To open a service request by telephone, use one of the following numbers:
Asia-Pacific: +61 2 8446 7411
Australia: 1 800 805 227
EMEA: +32 2 704 55 55
USA: 1 800 553 2447
For a complete list of Cisco TAC contacts, go to this URL:
http://www.cisco.com/techsupport/contacts
Preface
TAC by telephone. (S1 or S2 service requests are those in which your
Definitions of Service Request Severity
To ensure that all service requests are reported in a standard format, Cisco has
established severity definitions.
Severity 1 (S1)—An existing network is “down” or there is a critical impact to
your business operations. You and Cisco will commit all necessary resources
around the clock to resolve the situation.
Severity 2 (S2)—Operation of an existing network is severely degraded, or
significant aspects of your business operations are negatively affected by
inadequate performance of Cisco products. You and Cisco will commit full-time
resources during normal business hours to resolve the situation.
Severity 3 (S3)—Operation al performance of the netwo rk is impaired while most
business operations remain functional. You and Cisco will commit resources
during normal business hours to restore service to sa tisfactory levels.
Severity 4 (S4)—You require information or assistance with Cisco product
capabilities, installation, or configuration. There is little or no effect on your
business operations.
Installing Management Center for Cisco Security Agents 5.2
xii
78-17916-01
Preface
Obtaining Additional Publications and Information
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is
available from various online and printed sources.
• The Cisco Online Subscription Center is the website where you can sign up
for a variety of Cisco e-mail newslette rs and oth er communicati ons. Create a
profile and then select the subscriptions that you would like to receive. To
visit the Cisco
http://www.cisco.com/offer/subscribe
• The Cisco Product Quic k Refer ence Guide is a handy, compact reference tool
that includes brief product overvie ws, k ey features, samp le part numbers, and
abbreviated technical specifications for many Cisco
through channel partners. It is updated twice a year and includes the latest
Cisco channel product offerings. To order and find out more about the
Cisco
Product Quick Reference Guide, go to this URL:
http://www.cisco.com/go/guide
• Cisco Marketplace provides a variety of Cisco books, reference guides,
documentation, and logo me rchandis e. Visit Cisco
company store, at this
Online Subscription Center, go to this URL:
products that are sold
Marketplace, the
URL:
78-17916-01
http://www.cisco.com/go/marketplace/
• Cisco Press publishes a wide range of general networking, training, and
certification titles. Both new and experienced users will benefit from these
publications. For current Cisco
Cisco
Press at this URL:
Press titles and other information, go to
http://www.ciscopress.com
• Internet Protocol Journal is a quarterly journal published by Cisco for
engineering professionals involved in designing, developing, and operating
public and private internets and intranets. You can access the Internet
Protocol Journal at this URL:
http://www.cisco.com/ipj
• Networking products offered b y Cisco, as well as customer support services,
can be obtained at this
URL:
http://www.cisco.com/en/US/products/index.html
Installing Management Center for Cisco Security Agents 5.2
xiii
Obtaining Additional Publications and Information
• Networking Professionals Connection is an interactive website where
networking professionals share questions, suggestions, and information
about networking products and technologies with Cisco experts and other
networking professionals. Join a discussion at this URL:
http://www.cisco.com/discuss/networking
• “What’s New in Cisco Documentation” is an online publication th at provides
information about the latest documentation releases for Cisco products.
Updated monthly, this online publication is organized by product category to
direct you quickly to the documentation for your products. You can view the
latest release of “What’s New in Cisco
http://www.cisco.com/univercd/cc/td/doc/abtunicd/136957.htm
• World-class networking training is available from Cisco. You can view
current offerings at this
http://www.cisco.com/en/US/learning/index.html
Preface
Documentation” at this URL:
URL:
xiv
Installing Management Center for Cisco Security Agents 5.2
78-17916-01
CHA P T ER
Preparing to Install
How the Cisco Security Agent Works
The Cisco Security Agent provides distributed security to your enterprise by
deploying agents that defend against the proliferation of attacks across networks
and systems. These agents operate using a set of rules pr ovided by the
Management Center for Cisco Security Agents and selectively assigned to each
client node on your network by the network administrator.
This section includes the following topics.
• Cisco Security Agent Overview, page 1-2
• Before Proceeding, page 1-3
• System Requirements, page 1-3
• Environment Requirements, page 1-9
• DNS and WINS Environments, page 1-9
1
78-17916-01
• Browser Requirements, page 1-9
• Time and Date Requirements, page 1-10
• Port Availability, page 1-10
• Windows Cluster Support, page 1-11
• Internationalization Support, page 1-11
• Internationalization Support Tables, page 1-12
• About CSA MC, page 1-17
Installing Management Center for Cisco Security Agents 5.2
1-1
Cisco Security Agent Overview
Cisco Security Agent Overview
Cisco Security Agent contains two components:
• The Management Center for Cisco Security Agents (CSA MC)- inst al ls on a
secured server and includes a web server, a configuration database, and a
web-based user interface.
• The Cisco Security Agent (the agent)- installs on desktops and servers across
your enterprise and enforces security policies on those systems.
Administrators configure security policies on CSA MC using the web-based
interface. They distribute these policies to agents installed on end user systems
and servers. Policies can allow or deny specific system actions. The agents check
policies before allowing applications access to system resources.
Figure 1-1 Product Deployment
Chapter 1 Preparing to Install
1-2
Installing Management Center for Cisco Security Agents 5.2
78-17916-01
Chapter 1 Preparing to Install
Before Proceeding
Before installing CSA MC software, refer to the Release Notes for up-to-date
information. Not doing so can result in the misconfiguration of your system.
Make sure that your system is compatible with the Cisco product you are
installing and that it has the appropriate software installed.
Read through the following information before installing the CSA MC software.
System Requirements
Note The acronym CSA MC is used to represent the Management Center for Cisco
Security Agents.
Table 1-1 shows the minimum CSA MC server requirements for Windows 2003
systems. These requirements are sufficient if you are running a pilot of the
product or for deployments up to 1.000 agents. If yo u are planning to deplo y CSA
MC with more than 1.000 agents, these requirements are insufficient. See
Scalable Deployments, page 2-3 for more detailed system requirements.
Before Proceeding
78-17916-01
Ta b l e 1-1 Minimum Server Requirements
System Component Requirement
Hardware • IBM PC-compatible computer
• Color monitor with video card capable of
16-bit
Processor 1 GHz or faster Pentium processor
Operating System Windows 2003 R2 Standard or Enterprise
Editions
Note T o run terminal services on the CSA MC
system, you must edit the MC policy.
File System NTFS
Memory 1 GB minimum memory
Installing Management Center for Cisco Security Agents 5.2
1-3
System Requirements
Chapter 1 Preparing to Install
System Component Requirement
Virtu al Me mory 2 GB virtual memory
Hard Drive Space 9 GB minimum available disk drive space
• Pager alerts require a Hayes Compatible Modem.
• For optimal viewing of the CSA MC UI, you should set your display to a
resolution of 1024x768 or higher.
• On a system where CSA MC has never been installed, the CSA MC setup
program first installs Microsoft SQL Server Express and the required .NET
environment. If the CSA MC installation detects any other database type
attached to an existing installation of Microsoft SQL Server Express, the
installation will abort. This d atabase configuration is not supported.
If you are planning to deploy no more th an 1 ,000 agents , the shi pped version
of Microsoft SQL Server Express should be adequate. For a larger
deployment, you also have the option of installing Microsoft SQL Server
2005 or Microsoft SQL Server 2000 instead of using the Mi crosoft SQL
Server Express database that is provided. Note that of you are using SQL
Server 2005 or 2000, it must be licensed separately and it must be installed
on the system before you begin the CSA MC installation. See
Chapter 3,
“Installing the Management Center for Cisco Security Agents” fo r
details.
W e also reco mmend that you format the disk t o which you are installing CSA
MC as NTFS. FAT32 limits all file sizes to 4 GB.
1-4
Installing Management Center for Cisco Security Agents 5.2
78-17916-01
Chapter 1 Preparing to Install
To run the Cisco Security Agent on Windows servers and desktop systems, the
requirements are as follows:
System Component Requirement
Processor Intel Pentium 200 MHz or higher
Operating Systems • Windows Server 2003 (Standard,
System Requirements
Ta b l e 1-2 Agent Requirements (Windows)
Note Up to eight physical processors are
supported.
Enterprise, We b, or Small Business
Editions) Service Pack 0 or 1
• Windows XP (Professional, Tablet PC
Edition 2005, or Home Edition) Service
Pack 0, 1, or 2
• Windows 2000 (Professional, Server or
Advanced Server) with Service Pack 0, 1, 2,
3, or 4
78-17916-01
• Windows NT (Workstation, Server or
Enterprise Server) with Service Pack 6a
Note Citrix Metaframe and Citrix XP are
supported. Terminal Services are
supported on Windows 2003, Windows
XP, and Windows 2000 (Terminal
Services are not supported on Windows
NT.)
Supported language versions are as follows:
• For Windows 2003, XP, and 2000, all
language versions, except Arabic and
Hebrew, are supported.
• For Windows NT, US English is the only
supported language version.
Memory 128 MB minimum—all supported Windows
platforms
Installing Management Center for Cisco Security Agents 5.2
1-5
System Requirements
Chapter 1 Preparing to Install
System Component Requirement
Hard Drive Space 50 MB or higher
Note This includes program and data.
Network Ethernet or Dial up
Note Maximum of 64 IP addresses supported
on a system.
1-6
Installing Management Center for Cisco Security Agents 5.2
78-17916-01
Chapter 1 Preparing to Install
T o run the Cisco Security Agent on your Solaris serv er systems, the requirements
are as follows:
System Component Requirement
Processor UltraSPARC 400 MHz or higher
Operating Systems Solaris 9, 64 bit, patch version 111711-11 or
Memory 256 MB minimum
Hard Drive Space 50 MB or higher
Network Ethernet
System Requirements
Ta b l e 1-3 Agent Requirements (Solaris)
Note Uni-processor, dual pro cessor, and quad
processor systems are supported.
higher, and 111712-11 or higher installed.
Solaris 8, 64 bit 12/02 Edition or higher (This
corresponds to kernel Generic_108528-18 or
higher.)
Note If you have the minimal Sun Solaris 8
installation (Core group) on the system
to which you are installing the agent, the
Solaris machine will be missing certain
libraries and utilities the agent requires.
Before you install the agent, you must
install the "SUNWlibCx" library which
can be found on the Solaris 8 Software
disc (1 of 2) in the /Solaris_8/Product
directory. Install using the pkgadd -d .
SUNWlibCx command.
Note This includes program and data.
Note Maximum of 64 IP addresses supported
on a system.
78-17916-01
Installing Management Center for Cisco Security Agents 5.2
1-7
System Requirements
Caution On Solaris systems running Cisco Security Agents, if you add a new type of
Chapter 1 Preparing to Install
Ethernet interface to the system, you must reboot that system twice for the agent
to detect it and apply rules to it accordingly.
To run the Cisco Security Agent on your Linux systems, the requirements are as
follows:
Ta b l e 1-4 Agent Requirements (Linux)
System Component Requirement
Processor 500 MHz or faster x86 processor (32 bits only)
Note Uni-processor, dual pro cessor, and quad
processor systems are supported.
Operating Systems RedHat Enterprise Linux 4.0 WS, ES, or AS
RedHat Enterprise Linux 3.0 WS, ES, or AS
Memory 256 MB minimum
Hard Drive Space 50 MB or higher
Note This includes program and data.
Network Ethernet
Note Maximum of 64 IP addresses supported
on a system.
1-8
Note Agent systems must be able to communicate with CSA MC over HTTPS.
Note The Cisco Security Agent uses approximately 30 MB of memory. This applies to
agents running on all supported Windows and UNIX platforms.
Installing Management Center for Cisco Security Agents 5.2
78-17916-01
Chapter 1 Preparing to Install
Caution When upgrading or changing operating systems, uninstall the agent first. When
the new operating system is in place, you can install a new agent kit. Because the
agent installation examines the operating system at install time and copies
components accordingly, existing agent components may not be compatible with
operating system changes.
Environment Requirements
The following are recommendations for a secure setup and deployment of CSA
MC.
• The system on which you are installi ng the CSA MC software should be
placed in a physically secure, locked down location with restricted access.
• Do not install any software on the CSA MC system that is not required by the
product itself.
• You must have administrator privi leges on the system in question to perform
the installation.
• The CSA MC system must have a static IP address or a fixed DHCP address.
Environment Requirements
DNS and WINS Environments
For agents and browsers to successfully communicate with CSA MC, the CSA
MC machine name must be resolvable through DNS (Domain Name Service) or
WINS (Windows Internet Naming Service)
Browser Requirements
You use a web browser to access CSA MC either locally or from a remote system.
Browser requirements are as follows:
Internet Explorer:
• Version 6.0 or later
Installing Management Center for Cisco Security Agents 5.2
78-17916-01
.
1-9
Environment Requirements
• You must have cookies enabled. This means using a maximum setting of
"medium" as your Internet security setting. Locate this feature f rom the
following menu, Tools>Internet Options. Click the Security tab.
• JavaScript must be enabled.
• If you are using Internet Explorer Version 6.0 SP1 or higher, your CSA
MC FQDN cannot contain non-alphanumeric characters ot her than '-' and
'.' . For example, if the server system name contains an underscore "_",
CSA MC will not work properly.
FireFox:
• Version 1.5.0.x or higher
• You must have cookies enabled. Locate this feature from the following
menu, Tools>Options>Privacy>Cookies.
• JavaScript must be enabled.
Time and Date Requirements
Chapter 1 Preparing to Install
Before you install CSA MC, make sure that the system to which you plan install
the software has the correct and current time, date, and time zone settings. If these
settings are not current, you will encounter MC/agent certificate issues.
Port Availability
CSA MC acts as a web server and requires that no other web server software is
running on the CSA MC system. Having multiple web servers running on the
same system causes port conflicts.
Caution By default, Windows 2003 has the World Wide Web Publishing service running.
If the CSA MC installation detects this service runnin g, the CSA MC inst allation
will disable all Web publishing services in order for its own installation to
proceed.
Installing Management Center for Cisco Security Agents 5.2
1-10
78-17916-01
Chapter 1 Preparing to Install
Windows Cluster Support
Cisco Security Agent supports Network Load Balancing and Server Cluster for
Windows 2003 and 2000 Server platforms. Cluster support may require certain
network permissions to operate. As with o ther network services , your CSA M C
policies must account for these network permissions. (Component Load
Balancing, and Solaris and Linux Clusters are not officially supported in this
release.)
Internationalization Support
All Cisco Security Agent kits contain localized support for English, French,
German, Italian, Japanese, Korean, Simplified Chinese, and Spanish language
desktops. This support is automatic in each agent kit and no action is required by
the administrator. The agent UI, events , and help system will appear in the
language of the end user’s desktop.
The following table lists CSA localized support and qualification for various OS
types.
Internationalization Support
78-17916-01
Ta b l e 1-5 CSA Localizations
Language Operating System Localized Qualified
Chinese (Simplified) Windows 2000 Yes Yes
Win dow s XP Yes Yes
Windows 2003 Yes Yes
French Windows 2000 Yes Yes
Win dow s XP Yes Yes
Windows 2003 Yes Yes
German Windows 2000 Yes Yes
Win dow s XP Yes Yes
Windows 2003 Yes Yes
Italian Windows 2000 Yes Yes
Win dow s XP Yes Yes
Installing Management Center for Cisco Security Agents 5.2
1-11
Internationalization Support
Language Operating System Localized Qualified
Japanese Windows 2000 Yes Yes
Korean Windows 2000 Yes Yes
Spanish Windows 2000 Yes Yes
Chapter 1 Preparing to Install
Windows 2003 Yes Yes
Win dow s XP Yes Yes
Windows 2003 Yes Yes
Win dow s XP Yes Yes
Windows 2003 Yes Yes
Win dow s XP Yes Yes
Windows 2003 Yes Yes
Explanation of terms:
Localized: Cisco Security Agent kits contain localized support for the
languages identified in
Table 1-5. This support is automatic in each agent kit
and no action is required by the administrator. The agent UI, events, and help
system will appear in the language of the end user’s desktop. All localized
languages are agent qualified and supported. (CSA MC is not localized.)
Qualified: The Cisco Security Agent was tested on these language pl atforms.
Cisco security agent drivers are able to handle the local characters in file
paths and registry paths. All qualified langua ges are suppo rted.
Supported: The Cisco Security Agent is suitable to run on these language
platforms. The localized characters are supported by all agent functions.
Refer to the following tables.
Internationalization Support Tables
The following tables detail the level of support for each localized version of
Windows operating systems. Note that support for a localized operating
system is different from localized agent. A localized operating system may be
supported even though the corresponding language is not translated in the agent.
In this case, the dialogs will appear in English. The tables below define the
operating system support, not agent language support. Note, for Multilingual User
Installing Management Center for Cisco Security Agents 5.2
1-12
78-17916-01
Chapter 1 Preparing to Install
Interface (MUI) supported languages, installs are always in English (Installshield
does not support MUI), and the UI/dialogs are in English unless the desktop is
Chinese (Simplified), French, German, Italian, Japanese, Korean, or Spanish.
Any Windows 2000, Windows XP or Windows 2003 platforms/versions not
mentioned in the tables below should be treated as not supported.
The following letter combinations are used to describe the level of support:
Internationalization Support
Ta b l e 1-6
Support Level Key
L Agent localized, supported and qualified. (Note: L(S) –
Localized and supported only)
T Supported and qualified.
S Supported but not qualified – Bugs will be fixed when
reported by customers, but the e xact configuration was not
tested.
NA Not applicable – Microsoft does not ship this combination.
NS Not supported.
Ta b l e 1-7 Windows 2000 Support
Advanced
Professional Server
Server
MUI T S S
Arabic NS NA NA
Chinese (Simplified) L L(S) L(S)
Chinese (Traditional) T S S
Czech S S NA
Danish T NA NA
Dutch S S NA
English L L L
Finnish S NA NA
French L L(S) L(S)
German L L(S) L(S)
78-17916-01
Installing Management Center for Cisco Security Agents 5.2
1-13
Internationalization Support
Greek S NA NA
Hebrew NS NA NA
Hungarian S S NA
Italian L L(S) NA
Japanese L L(S) L(S)
Korean L L(S) L(S)
Norwegian S NA NA
Polish T T NA
Portuguese S S NA
Russian S S NA
Spanish L L(S) L(S)
Swedish S S NA
Turkish S S NA
Professional Server
Chapter 1 Preparing to Install
Advanced
Server
1-14
Ta b l e 1-8 Windows XP Support
Professional Home
Arabic NS NS
Chinese (Simplified) L L(S)
Chinese (Traditional) T S
Chinese (Hong Kong) S S
Czech S S
Danish T S
Dutch S S
English L L
Finnish S S
French L L(S)
German L L(S)
Installing Management Center for Cisco Security Agents 5.2
78-17916-01
Loading...