Supplement and Release Notes for
CiscoWorks Security Information
Management Solution (SIMS) 3.4.1
OL-11757-01
Revised October 31, 2006
This document provides Cisco-specific information to supplement the
CiscoWorks Security Information Management Solution (SIMS) 3.4.1
documentation, developed by netForensics, Inc. This document contains:
• Acknowledgements, page 2
• Important Information About This Update, page 2
• Product Availability Change Notice, page 6
• Documentation Roadmap, page 6
• Obtaining Documentation, page 11
• Documentation Feedback, page 13
• Cisco Product Security Overview, page 13
• Product Alerts and Field Notices, page 15
• Obtaining Technical Assistance, page 15
Corporate Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
© 2006 Cisco Systems, Inc. All rights reserved.
Acknowledgements
• Obtaining Additional Publications and Information, page 18
• CiscoWorks SIMS Licensing and Registration, page 19
Acknowledgements
CiscoWorks SIMS is the netForensics, Inc., Security Information Management
Solution. This product is offered to Cisco Systems customers in cooperation with
netForensics, Inc.
Important Information About This Update
Caution If you use a CiscoWorks SIMS version earlier than 3.4, you must upgrade to
version 3.4 beforeyoutrytoinstalltheCiscoWorksSIMS3.4.1update.You must
not apply this update to any CiscoWorksSIMSversionearlierthan3.4.Ifyou do,
your server might become unstable or unusable.
Topics in this section describe how this release differs from earlier releases:
• Updated Documents, page 2
• Agents in This Update, page 3
Updated Documents
The following netForensics guides are updated for the CiscoWorks SIMS 3.4.1
release. For information about where you can obtain them, see
nFX_OSP3.4.1ReleaseNotes.Cisco.pdf:
• nFX OSP Unix and Windows Installation Guide
• nFX OSP Administration and Configuration Guide
• nFX OSP User’s Guide
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
2
OL-11757-01
• nFX OSP Reports Guide
• nFX OSP Vulnerability Correlation Administration Guide
See Documentation Roadmap, page 6 for detailed information.
Agents in This Update
This update includes new and changed agents. To learn more, see these topics:
• Changed Terminology, page 3
• New and Replaced Agents, page 3
• Updated Agents, page 4
• Agent Installation Notes, page 5
Changed Terminology
The 3.3 Consolidated Agent from CiscoWorks SIMS 3.3 has been renamed. Its
new name is Agent Installation (October 2006).
Important Information About This Update
New and Replaced Agents
Agent Installation (October 2006) includes the following new agents:
• nF Agent for AirDefense Enterprise Agent
• nF Agent for Fortinet FortiGate
• nF Agent for Microsoft ISA Server
• nF Agent for Microsoft SQL Server
• nF Agent for RippleTech Informant
• nF Agent for Unix OS
• nF Agent for Websense Enterprise
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
3
Important Information About This Update
Note nF Agent for Unix OS replaces the following two agents:
• nF Agent for HP Unix
• nF Agent for IBM AIX OS
Updated Agents
Agent Installation (October 2006) includes updates to the following agents:
• nF Agent for Sidewinder
• nF Agent for Dragon Sensor
• nF Agent for Sourcefire EStreamer
• nF Agent for Real Secure ISS Site Protector
• nF Agent for Real Secure Desktop Protector
• nF Agent for Arbor Peakflow X
• nF Agent for Cisco Secure IPS
• nF Agent for Symantec AntiVirus
• nF Agent for Foundstone Scanner
• nF Agent for Syslog File Agent (syslog)
• nF Agent for Syslog File Agent (Java)
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
4
OL-11757-01
Agent Installation Notes
The version of CiscoWorks SIMS that you have determines whether, how, and
when you use Agent Installation (October 2006). For detailed information, see
nFAgentReleaseNotes(October2006).Cisco.pdf.
Version Notes
3.4.1
3.4
3.3.1
3.3
or earlier
You already have the software that this update contains.
You must apply Point Update 58405 from the Agent Installation (October 2006)CD-ROM
before you install any of the agents included in this release:
• nFSIM-3.4-PNTUPD-58405.tar.gz is in the Prerequisite Point Updates/3.4
Prerequisite subdirectory.
• For detailed installation instructions, see Point Update 58405 for CiscoWorks SIMS
3.4 Release Notes, in the Documents subdirectory.
You must apply Point Update 58404 from the Agent Installation (October 2006)CD-ROM
before you install any of the agents included in this release:
• nFSIM-3.3.1-PNTUPD-58404.tar.gz is in the Prerequisite Point Updates/3.3.1
Prerequisite subdirectory.
• For detailed installation instructions, see Point Update 58404 for CiscoWorks SIMS
3.3.1 Release Notes, in the Documents subdirectory.
You must complete this procedure before you install any of the agents included in
this release:
1. Upgrade to CiscoWorks SIMS 3.3.1.
For detailed upgrade instructions, see either:
• nFX OSP Version 3.3.1 Release Notes.
or
• nFX OSP Version 3.3.1 Migration Update Release Notes.
2. From the Agent Installation (October 2006) CD-ROM, apply Point Update 58404:
• nFSIM-3.3.1-PNTUPD-58404.tar.gz is in the Prerequisite Point Updates/3.3.1
Prerequisite subdirectory.
• For detailed installation instructions, see Point Update 58404 for CiscoWorks
SIMS 3.3.1 Release Notes, in the Documents subdirectory.
Important Information About This Update
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
5
Product Availability Change Notice
Product Availability Change Notice
Note • Although certain earlier releases of CiscoWorks SIMS provided a Starter Kit
option, CiscoWorks SIMS 3.4.1 does not. Instead, you can purchase the
CiscoWorks SIMS Enterprise Lite software, which provides additional
software components. See Additional License Restrictions, page 20.
• Registered CiscoWorks SIMS Starter Kit customers will receive a Starter Kit
upgrade to CiscoWorks SIMS 3.4.1. See Additional License Restrictions,
page 20.
• Registered CiscoWorks SIMS Starter Kit users can follow an upgrade path to
either CiscoWorks SIMS Enterprise Pack or CiscoWorks SIMS Enterprise
Lite. See Additional License Restrictions, page 20.
Documentation Roadmap
To install and use CiscoWorks SIMS effectively, read the core documents
described in Table 1 on page 7 in the order listed.
Note • We might update this document after its original publication. Therefore, you
should also review it on Cisco.com for any updates.
• To view Adobe Portable Document Format (PDF) files, Adobe Acrobat
Reader 4.0 or later is required.
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
6
OL-11757-01
Table 1 Sequence to Read Core CiscoWorks SIMS Documentation
PDF Filename Document Title;
Description and Intended Audience;
Part Number
1. nfsupp341.pdf
(this document)
Supplement and Release Notes for CiscoWorks Security Information
Management Solution 3.4.1
All users; describes Cisco-specific registration, licensing, product,
features, known problems, and other information to supplement the
documentation written by netForensics, Inc.
OL-11757-01 X X
2. nFX_OSP3.4.1Release
Notes.Cisco.pdf
CiscoWorks SIMS Version 3.4.1 Release Notes
All users; describes system requirements, supported platforms, product
installation, product feature highlights, and known issues.
OL-11535-01 X X
3. nFAgentReleaseNotes
(October2006).Cisco.pdf
CiscoWorks SIMS Agent Installation (October 2006) Release Notes
All users; describes required configuration tasks for the Agent
Installation (October 2006) release.
OL-11579-01 X X
4. nFX_OSP_HCE_Relea
seNotes.Cisco.pdf
nFX OSP Historical Correlation Engine Release Notes
All users; describes system requirements, supported platforms, product
installation, product feature highlights, and known issues.
OL-10759-01 X X
Documentation Roadmap
Written By
netForensics
Written By
Cisco Systems
PDF in the CiscoWorks SIMS
ISO Image on Cisco.com
HTML and PDF
on Cisco.com
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
7
Documentation Roadmap
Table 1 Sequence to Read Core CiscoWorks SIMS Documentation (continued)
PDF Filename Document Title;
Description and Intended Audience;
Part Number
Written By
5. nFX_OSP_DeplPlanIm
plGuide.Cisco.pdf
nFX OSP Deployment Planning and Implementation Guide
Version 3.4
All users; describes CiscoWorks SIMS (nFX OSP) architecture,
components, use cases, options, and requirements, and provides case
studies.
OL-10758-01 X X
6. nFX_OSP_InstallGuide
.Cisco.pdf
nFX OSP Unix and Windows Installation Guide
Red Hat Enterprise Linux AS 2.1, AS 3.0
Solaris 8, Solaris 9 (SPARC)
Windows 2000 Server and Advanced Server
Windows 2003
Version 3.4.1
October 2006
Network and system administrators; provides details about the
preparation for and installation of CiscoWorks SIMS (nFX OSP).
OL-11681-01 X X
7. nFX_OSP_Administrati
onGuide.Cisco.pdf
nFX OSP Administration and Configuration Guide
Version 3.4.1
All users; describes the user interface, architecture and concepts,
prerequisites, configuration, user settings, component and
administrative options, database management and performance,
reports, device message formats, diagnostics, maintenance, rollback
and fault tolerance.
OL-11531-01 X X
netForensics
Written By
Cisco Systems
PDF in the CiscoWorks SIMS
ISO Image on Cisco.com
HTML and PDF
on Cisco.com
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
8
OL-11757-01
Documentation Roadmap
Table 1 Sequence to Read Core CiscoWorks SIMS Documentation (continued)
PDF Filename Document Title;
Description and Intended Audience;
Part Number
Written By
8. nFX_OSP_UsersGuide.
Cisco.pdf
nFX OSP User’s Guide
Version 3.4.1
Network security professionals and general users; describes how to use
CiscoWorks SIMS (nFX OSP) to view and analyze security information
in a computer network.
OL-11532-01 X X
9. nFX_OSP_AdvancedU
sersGuide.Cisco.pdf
nFX OSP Advanced User’s Guide
Version 3.4
Network security professionals, system and network administrators;
describes security monitoring strategy, best practices, the need
for—and importance of—computer forensics, and the advantages
derived from incident response.
OL-10757-01 X X
10. nFReportsguide.Cisco.
pdf
nFX OSP Reports Guide
Version 3.4.1
Network security professionals and system administrators; provides
details about the reporting tools.
OL-11533-01 X X
11. nFX_OSP_IRMAdmin
guide.Cisco.pdf
nFX OSP Incident Resolution Management Administration Guide
Version 3.4
All users.
OL-10760-01 X X
netForensics
Written By
Cisco Systems
PDF in the CiscoWorks SIMS
ISO Image on Cisco.com
HTML and PDF
on Cisco.com
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
9
Documentation Roadmap
Table 1 Sequence to Read Core CiscoWorks SIMS Documentation (continued)
PDF Filename Document Title;
Description and Intended Audience;
Part Number
Written By
12. nFX_OSP_RBC_Admi
nistrationGuide.Cisco.p
df
nFX OSP Rule Based Correlation Administration Guide
Version 3.4
All users.
OL-10761-01 X X
13. nFX_OSP_
RBC_LoggingTuningG
uide.cisco.pdf
Logging Requirements and RBC Tuning Guide
Version 3.4
Network security professionals, system and network
administrators;providesdetailsabout tuning RBCengine rules in
CiscoWorks SIMS (nFX OSP).
OL-10756-01 X X
14. nFX_OSP_VCAdminist
rationGuide.Cisco.pdf
nFX OSP Vulnerability Correlation Administration Guide
Version 3.4.1
All users.
OL-11534-01 X X
15. nFX_OSP_SecureCertif
icateManagerGuide.Cis
co.pdf
nFX OSP Secure Certificate Manager & SSL Setup and Administration Guide
Version 3.4
Network security professionals and general users; provides details
about using Secure Certificate Manager to generate certificates.
OL-10974-01 X X
netForensics
Written By
Cisco Systems
PDF in the CiscoWorks SIMS
ISO Image on Cisco.com
HTML and PDF
on Cisco.com
10
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
Obtaining Documentation
Table 1 Sequence to Read Core CiscoWorks SIMS Documentation (continued)
PDF Filename Document Title;
Description and Intended Audience;
Part Number
Written By
16. nFX_OSP_QuickConne
ct_UserGuide.Cisco.pd
f
nFX OSP Quick Connect User Guide
Version 3.4
Network security professionalsand general users; providesinformation
about QuickConnect features,architectureand configuration,describes
the user interface, and provides step-by-step procedures for important
tasks.
OL-10978-01 X X
17. nFX_OSP_SecurityPort
al.Cisco.pdf
nFX OSP Security Portal Server User’s Guide
Version 3.4
Network administrators; provides details about logging into and out of
SPS, describes the SPS interface, tools, and controls, and provides
examples of scheduled reports that you can view.
OL-10979-01 X X
netForensics
Written By
Cisco Systems
PDF in the CiscoWorks SIMS
ISO Image on Cisco.com
HTML and PDF
on Cisco.com
In addition, online help written by netForensics is integrated into the CiscoWorks
SIMS (nFX OSP) product to provide all users with context-sensitive,
task-oriented assistance.
Obtaining Documentation
Cisco documentation and additional literature are available on Cisco.com. This
section explains the product documentation resources that Cisco offers.
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
11
Obtaining Documentation
Note Cisco Systems does notselldocumentation that netForensicspreparesfor users of
nFX OSP products, also known collectively as CiscoWorks SIMS. For
information on where and how a Cisco customer can obtain netForensics
documentation for CiscoWorks SIMS 3.4, see Table 1 on page 7.
Cisco.com
You can access the most current Cisco documentation at this URL:
http://www.cisco.com/techsupport
You can access the Cisco website at this URL:
http://www.cisco.com
You can access international Cisco websites at this URL:
http://www.cisco.com/public/countries_languages.shtml
Product Documentation DVD
12
The Product Documentation DVDis a library of technical product documentation
on a portablemedium. The DVD enablesyouto access installation, configuration,
and command guides for Cisco hardware and software products. With the DVD,
you have access to the HTML documentation and some of the PDF files found on
the Cisco website at this URL:
http://www.cisco.com/univercd/home/home.htm
The Product Documentation DVD is created and released regularly. DVDs are
available singly or by subscription. Registered Cisco.com users can order a
Product Documentation DVD (product number DOC-DOCDVD= or
DOC-DOCDVD=SUB) from Cisco Marketplace at the Product Documentation
Store at this URL:
http://www.cisco.com/go/marketplace/docstore
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
Ordering Documentation
You must be a registered Cisco.com user to accessCisco Marketplace. Registered
users may order Cisco documentation at the Product Documentation Store at this
URL:
http://www.cisco.com/go/marketplace/docstore
If you do not have a user ID or password, you can register at this URL:
http://tools.cisco.com/RPF/register/register.do
Documentation Feedback
You can provide feedback about Cisco technical documentation on the
Cisco Technical Support & Documentation site area by entering your comments
in the feedback form available in every online document.
Cisco Product Security Overview
Documentation Feedback
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
Cisco provides a free online Security Vulnerability Policy portal at this URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.ht
ml
From this site, you will find information about how to do the following:
• Report security vulnerabilities in Cisco products
• Obtain assistance with security incidents that involve Cisco products
• Register to receive security information from Cisco
A current list of security advisories, security notices, and security responses for
Cisco products is available at this URL:
http://www.cisco.com/go/psirt
13
Cisco Product Security Overview
To see security advisories, security notices, and security responses as they are
updated in real time, you can subscribetotheProduct Security Incident Response
Team Really Simple Syndication (PSIRT RSS) feed. Information about how to
subscribe to the PSIRT RSS feed is found at this URL:
http://www.cisco.com/en/US/products/products_psirt_rss_feed.html
Reporting Security Problems in Cisco Products
Cisco is committed to delivering secure products. We test our products internally
before we release them, and we strive to correct all vulnerabilities quickly. If you
think that you have identified a vulnerability in a Cisco product, contact PSIRT:
• For emergencies only —security-alert@cisco.com
An emergency is either a condition in which a system is under active attack
or a condition for which a severe and urgent security vulnerability should be
reported. All other conditions are considered nonemergencies.
• For nonemergencies —psirt@cisco.com
In an emergency, you can also reach PSIRT by telephone:
• 1 877 228-7302
• 1 408 525-6532
14
Tip Weencourage you to use Pretty Good Privacy (PGP) or a compatible product (for
example, GnuPG) to encrypt any sensitive information that you send to Cisco.
PSIRTcan work with information that has been encrypted with PGP versions 2.x
through 9.x.
Never use a revoked encryption key or an expired encryption key. The correct
public key to use in your correspondence with PSIRT is the one linked in the
Contact Summary section of the Security Vulnerability Policy page at this URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.ht
ml
The link on this page has the current PGP key ID in use.
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
If you do not have or use PGP, contact PSIRT to find other means of encrypting
the data before sending any sensitive material.
Product Alerts and Field Notices
Modificationsto or updates about Cisco products are announced in Cisco Product
Alerts and Cisco Field Notices. You can receive Cisco Product Alerts and Cisco
Field Noticesby using the ProductAlert Toolon Cisco.com. Thistoolenables you
to create a profile and choose those products for which you want to receive
information.
To access the Product Alert Tool, you must be a registered Cisco.com user. (To
register as a Cisco.com user, go to this URL:
http://tools.cisco.com/RPF/register/register.do) Registered users can access the
tool at this URL:
http://tools.cisco.com/Support/PAT/do/ViewMyProfiles.do?local=en
Product Alerts and Field Notices
Obtaining Technical Assistance
Cisco Technical Support provides 24-hour-a-day award-winning technical
assistance. The Cisco TechnicalSupport & Documentation website on Cisco.com
features extensive online support resources. In addition, if you have a valid
Cisco service contract, Cisco Technical Assistance Center (TAC) engineers
provide telephone support. If you do not have a valid Cisco service contract,
contact your reseller.
Cisco Technical Support & Documentation Website
The Cisco Technical Support & Documentation website provides online
documents and tools for troubleshooting and resolving technical issues with
Cisco products and technologies. The website is available 24 hours a day at
this URL:
http://www.cisco.com/techsupport
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
15
Obtaining Technical Assistance
Access to all tools on the Cisco Technical Support & Documentation website
requires a Cisco.com user ID and password. If you have a valid service contract
but do not have a user ID or password, you can register at this URL:
http://tools.cisco.com/RPF/register/register.do
Note Use the Cisco Product Identification Tool to locate your product serial number
before submitting a request for service online or by phone. You can access this
tool from the Cisco Technical Support & Documentation website by clicking the
Tools & Resources link, clicking the All Tools (A-Z) tab, and then choosing
Cisco Product Identification Tool from the alphabetical list. This tool offers
three search options: by product ID or model name; by tree view; or, for certain
products, by copying and pasting show command output. Search results show an
illustration of your product with the serial number label location highlighted.
Locate the serial number label on your product and record the information before
placing a service call.
Tip Displaying and Searching on Cisco.com
If you suspect that the browser is not refreshing a web page, force the browser to
update the web page by holding down the Ctrl key while pressing F5.
To find technical information, narrow your search to look in technical
documentation, not the entire Cisco.com website. On the Cisco.com home page,
click the Advanced Search link under the Search box and then click the
Technical Support & Documentation radio button.
To provide feedback about the Cisco.com website or a particular technical
document, click Contacts & Feedback at the top of any Cisco.com web page.
Submitting a Service Request
Using the online TAC Service Request Tool is the fastest way to open S3 and S4
service requests. (S3 and S4 service requests are those in which your network is
minimally impaired or for which you require product information.) After you
describe your situation, the TAC Service Request Tool provides recommended
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
16
OL-11757-01
Obtaining Technical Assistance
solutions. If your issue is not resolved using the recommended resources, your
service request is assigned to a Cisco engineer. The TAC Service Request Tool is
located at this URL:
http://www.cisco.com/techsupport/servicerequest
For S1 or S2 service requests, or if you do not have Internet access, contact the
Cisco TAC by telephone. (S1 or S2 service requests are those in which your
production network is down or severely degraded.) Cisco engineers are assigned
immediately to S1 and S2 service requests to help keep your business operations
running smoothly.
To open a service request by telephone, use one of the following numbers:
Asia-Pacific: +61 2 8446 7411
Australia: 1 800 805 227
EMEA: +32 2 704 55 55
USA: 1 800 553 2447
For a complete list of Cisco TAC contacts, go to this URL:
http://www.cisco.com/techsupport/contacts
Definitions of Service Request Severity
To ensure that all service requests are reported in a standard format, Cisco has
established severity definitions.
Severity 1 (S1)—An existing network is “down” or there is a critical impact to
your business operations. You and Cisco will commit all necessary resources
around the clock to resolve the situation.
Severity 2 (S2)—Operation of an existing network is severely degraded, or
significant aspects of your business operations are negatively affected by
inadequate performance of Cisco products. You and Cisco will commit full-time
resources during normal business hours to resolve the situation.
Severity 3 (S3)—Operational performance of the network is impaired while most
business operations remain functional. You and Cisco will commit resources
during normal business hours to restore service to satisfactory levels.
Severity 4 (S4)—You require information or assistance with Cisco product
capabilities, installation, or configuration. There is little or no effect on your
business operations.
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
17
Obtaining Additional Publications and Information
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is
available from various online and printed sources.
• The Cisco Online Subscription Center is the website where you can sign up
for a variety of Cisco e-mail newsletters and other communications. Create a
profile and then select the subscriptions that you would like to receive. To
visit the Cisco Online Subscription Center, go to this URL:
http://www.cisco.com/offer/subscribe
• The Cisco Product Quick Reference Guide is a handy, compact reference tool
that includes briefproductoverviews, keyfeatures,sample part numbers, and
abbreviated technical specifications for many Cisco products that are sold
through channel partners. It is updated twice a year and includes the latest
Cisco channel product offerings. To order and find out more about the
Cisco Product Quick Reference Guide, go to this URL:
http://www.cisco.com/go/guide
• Cisco Marketplace provides a variety of Cisco books, reference guides,
documentation, andlogo merchandise. VisitCisco Marketplace,thecompany
store, at this URL:
http://www.cisco.com/go/marketplace/
• Cisco Press publishes a wide range of general networking, training, and
certification titles. Both new and experienced users will benefit from these
publications. For current Cisco Press titles and other information, go to
Cisco Press at this URL:
http://www.ciscopress.com
• Internet Protocol Journal is a quarterly journal published by Cisco Systems
for engineering professionals involved in designing, developing, and
operating public and private internets and intranets. You can access the
Internet Protocol Journal at this URL:
http://www.cisco.com/ipj
• Networking products offered by Cisco Systems, as well as customer support
services, can be obtained at this URL:
http://www.cisco.com/en/US/products/index.html
18
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
CiscoWorks SIMS Licensing and Registration
• Networking Professionals Connection is an interactive website where
networking professionals share questions, suggestions, and information
about networking products and technologies with Cisco experts and other
networking professionals. Join a discussion at this URL:
http://www.cisco.com/discuss/networking
• “What’sNew in Cisco Documentation” is an online publication that provides
information about the latest documentation releases for Cisco products.
Updated monthly,this online publication is organized by product category to
direct you quickly to the documentation for your products. You can view the
latest release of “What’s New in Cisco Documentation” at this URL:
http://www.cisco.com/univercd/cc/td/doc/abtunicd/136957.htm
• World-class networking training is available from Cisco. You can view
current offerings at this URL:
http://www.cisco.com/en/US/learning/index.html
CiscoWorks SIMS Licensing and Registration
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
This section contains the following:
• Supplemental End-User License Agreement, page 20
• Registration andLicensingNotes for All CiscoWorksSIMS Components and
Add-On Kits, page 24
• Getting Help with Licensing, page 24
• End User License, page 25
19
CiscoWorks SIMS Licensing and Registration
Supplemental End-User License Agreement
SUPPLEMENTALLICENSE AGREEMENTFORCISCOSYSTEMSSECURITY MANAGEMENT
SOFTWARE: CiscoWorks Security Information Management Solution Product Line
IMPORTANT—READ CAREFULLY: This Supplemental License Agreement
(“SLA”) contains additionallimitationson the license to the Softwareprovidedto
Customer under the Software License Agreement between Customer and Cisco.
Capitalized terms used in this SLA and not otherwise defined herein shall have
the meanings assigned to them in the Software License Agreement. To the extent
that there is a conflict among any of these terms and conditions applicable to the
Software, the terms and conditions in this SLA shall take precedence.
By installing, downloading, accessing or otherwise using the Software,Customer
agrees to be bound by the terms of this SLA. If Customer does not agree to the
terms of this SLA, Customer may not install, download, or otherwise use the
Software. When used below, the term “server” refers to central processor unit.
1. ADDITIONAL LICENSE RESTRICTIONS.
• Installation and Use. The Software and all of its related components are
provided to Customer solely to install, update, supplement, or replace
existing functionality of the applicable Security Management Software
product. Customer may install and use the following Software components
subject to the following restrictions:
–
CiscoWorks Security Information Management Solution (SIM)
Starter Kit Software Upgrade:
• Master Engine Server: Customer may upgrade on one (1) server, per
license certificate, in the Customer’s network management environment.
• Distributed Engine Server: Customer may upgrade on one (1) server, per
license certificate, in the Customer’s network management environment.
• Database: Customer mayupgradeone (1) instance of the Oracle standard
database on one (1) server with five (5) Oracle human users and up to
four (4) CPUs per license certificate, in the Customer’s network
management environment. Additional Oracle human user licenses are
purchased separately.
20
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
CiscoWorks SIMS Licensing and Registration
• Device LicensesforAgents:The SIM Starter Kit and its upgrade provide
a license certificate to allow agents to monitor a minimum of thirty (30)
devices, in the Customer’s network environment. Additional device
licenses are purchased separately.
–
CiscoWorks Security Information Management Solution (SIM)
Enterprise Lite Software:
• Master Engine Server: Customer may install on one (1) server, per
license certificate, in the Customer’s network management environment.
• Distributed Engine Server: Customer may install on one (1) server, per
license certificate, in the Customer’s network management environment.
• Database: Customer may install one (1) instance of the Oracle standard
database on one (1) server with five (5) Oracle human users and up to
four (4) CPUs per license certificate, in the Customer’s network
management environment. Additional Oracle standard or enterprise
database or human user licenses are purchased separately.
• Device LicensesforAgents:The SIM Starter Kit and its upgrade provide
a license certificate to allow agents to monitor up to five (5) devices, in
the Customer’s network environment. Additional device licenses are
purchased separately.
• Enterprise Security Portal: Customer may install on one (1) server, per
license certificate, in the Customer’s network management environment.
• Quick Connect: Customer may install on one (1) server, per license
certificate, in the Customer’s network management environment.
–
CiscoWorks Security Information Management Solution (SIM)
Enterprise Pack Software:
• Master Engine Server: Customer may install on one (1) server, per
license certificate, in the Customer’s network management environment.
• Distributed Engine Server: Customer may install on one (1) server, per
license certificate, in the Customer’s network management environment.
• Database: Customer may install one (1) instance of the Oracle standard
database on one (1) server with five (5) Oracle human users and up to
four (4) CPUs per license certificate, in the Customer’s network
management environment. Additional Oracle standard or enterprise
database or human user licenses are purchased separately.
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
21
CiscoWorks SIMS Licensing and Registration
• Device LicensesforAgents:The SIM Starter Kit and its upgrade provide
a license certificate to allow agents to monitor up to ten (10) devices, in
the Customer’s network management environment. Additional device
licenses are purchased separately.
• Enterprise Security Portal: Customer may install on one (1) server, per
license certificate, in the Customer’s network management environment.
• Quick Connect: Customer may install on one (1) server, per license
certificate, in the Customer’s network management environment.
• Rule Based Correlation Engine: Customer may install on one (1) server,
per license certificate, in the Customer’s network management
environment.
• Vulnerability Correlation Engine: Customer may install on one (1)
server, per license certificate, in the Customer’s network management
environment.
• Incident Resolution Management: Customer may install on one (1)
server, per license certificate, in the Customer’s network management
environment.
–
CiscoWorks Security Information Management Solution (SIM)
Enterprise Pack Software Upgrade from the Starter Kit:
• Software Upgrade: Customer may upgrade on one (1) server of each
SIMS software component, per license certificate, in the Customer’s
network management environment.
• Enterprise Security Portal: Customer may upgrade on one (1) server, per
license certificate, in the Customer’s network management environment.
• Quick Connect: Customer may upgrade on one (1) server, per license
certificate, in the Customer’s network management environment.
• Rule Based Correlation Engine: Customer may upgrade on one (1)
server, per license certificate, in the Customer’s network management
environment.
• Vulnerability Correlation Engine: Customer may upgrade on one (1)
server, per license certificate, in the Customer’s network management
environment.
• Incident Resolution Management: Customer may upgrade on one (1)
server, per license certificate, in the Customer’s network management
environment.
22
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
CiscoWorks SIMS Licensing and Registration
–
The following restrictions apply when Customer has exercised an
optiontopurchase additional softwarecomponents or devicelicenses
for CiscoWorks SIMS:
• Enterprise Security Portal: Customer may install on one (1) server, per
license certificate, in the Customer’s network management environment.
• Rule Based Correlation Engine: Customer may install on one (1) server,
per license certificate, in the Customer’s network management
environment.
• Vulnerability Correlation Engine: Customer may install on one (1)
server, per license certificate, in the Customer’s network management
environment.
• Incident Resolution Management: Customer may install on one (1)
server, per license certificate, in the Customer’s network management
environment.
• Distributed Engine: Customer may install on one (1) additional server,
per license certificate, in the Customer’s network management
environment.
• Database: Customer may install one (1) additional standard or enterprise
Oracle database on one (1) server, per license certificate, in the
Customer's network management environment.
• License Certificate: Customer may use CiscoWorks SIMS software
agents to monitor up to the total additional devices purchased for any or
all category types in the Customer’s network management environment.
• Reproduction and Distribution. Customer may neither reproduce nor
distribute the Software. Software may be installed on a second server,
provided that the first and second servers do not use the Software
simultaneously.Youmaymake a limitednumberof copies of theSoftware for
archival purposes, provided that any copy must contain all of the proprietary
notices accompanying the Software. If you receive your first copy of the
Software electronically,anda second copy of theSoftwareon media, then the
second copy may be used for archival purposes only.
2. DESCRIPTION OF OTHER RIGHTS AND LIMITATIONS.
Please refer to Software License Agreement, page 25.
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
23
CiscoWorks SIMS Licensing and Registration
Registration and Licensing Notes for All CiscoWorks SIMS Components and Add-On Kits
To obtain a production license for your CiscoWorks SIMS software—including
but not limited to the optional software components (see Additional License
Restrictions, page 20), you must register your copy of the software. When
registering, you must provide the Product Authorization Key (PAK), which is
attached to the Software License Claim Certificate inside the shipped software
package.
1. Ifyou do not haveafree Cisco.com user account, create one for yourself here:
http://tools.cisco.com/RPF/register/register.do
2. Log in to your Cisco.com user account, then register your software here:
http://www.cisco.com/go/license
After registration, the software license is sent to the email address you provided
during registration. Keep this document with your other CiscoWorks SIMS
paperwork and media.
Getting Help with Licensing
If you have trouble using the registration website or this document, contact the
Licensing Department in the Cisco Technical Assistance Center (TAC):
• Phone: +1 (800) 553-2447
• E-Mail: licensing@cisco.com
• http://www.cisco.com/tac
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
24
OL-11757-01
End User License
Software License Agreement
PLEASE READ THIS SOFTWARE LICENSE AGREEMENT CAREFULLY
BEFORE DOWNLOADING, INSTALLING OR USING CISCO OR
CISCO-SUPPLIED SOFTWARE.
BY DOWNLOADING OR INSTALLING THE SOFTWARE, OR USING THE
EQUIPMENT THAT CONTAINS THIS SOFTWARE, YOU ARE BINDING
THE BUSINESSENTITY THATYOU REPRESENT(“CUSTOMER”) TO THIS
AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS
AGREEMENT, THEN (A) DO NOT DOWNLOAD, INSTALL OR USE THE
SOFTWARE, AND (B) YOU MAY RETURN THE SOFTWARE FOR A FULL
REFUND, OR, IF THE SOFTWARE IS SUPPLIED AS PART OF ANOTHER
PRODUCT, YOU MAY RETURN THE ENTIRE PRODUCT FOR A FULL
REFUND. YOUR RIGHT TO RETURN AND REFUND EXPIRES 30 DAYS
AFTER PURCHASE FROM CISCO OR AN AUTHORIZED CISCO
RESELLER, AND APPLIES ONLY IF CUSTOMER IS THE ORIGINAL END
USER PURCHASER.
The following terms of this Software License Agreement (“Agreement”) govern
Customer’s access and use of the Software, except to the extent (a) there is a
separate signed agreement between Customer and Cisco governing Customer’s
use of the Softwareor(b)theSoftware includes a separate “click-accept”license
agreement as part of the installation and/or download process. To the extent of a
conflict between the provisions of the foregoing documents, the order of
precedenceshallbe (1) the signed agreement,(2)the click-accept agreement,and
(3) this Software License Agreement.
License. Subject to the terms and conditions of this Agreement, Cisco Systems,
Inc. or its subsidiary licensing the Software instead of Cisco Systems, Inc.
(“Cisco”), grants to Customer a nonexclusive and nontransferable license to use
for Customer’s internal business purposes the Software and the Documentation
for which Customer has paid the required license fees. “Documentation” means
written information (whether contained in user or technical manuals, training
materials, specificationsor otherwise) regarding the Software and made available
by Cisco in any manner (including on CD-ROM, or on-line).
CiscoWorks SIMS Licensing and Registration
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
25
CiscoWorks SIMS Licensing and Registration
Customer’slicense to use the Software shall be limited to, and Customer shall not
use the Software in excess of, a single hardware chassis or card or that number of
agent(s), concurrent users, sessions, IP addresses, port(s), seat(s), server(s) or
site(s), as set forth in the applicable Purchase Order which has been accepted by
Cisco and for which Customer has paid to Cisco the required license fee.
Unless otherwise expressly provided in the Documentation, Customer shall use
the Software solely as embedded in, for execution on, or (where the applicable
documentation permits installation on non-Cisco equipment) for communication
with Cisco equipment owned or leased by Customer. NOTE: For evaluation or
beta copies for which Cisco does not charge a license fee, the above requirement
to pay license fees does not apply.
General Limitations. Except as otherwise expressly provided under this
Agreement, Customer shall have no right, and Customer specifically agrees
not to:
(i) transfer, assign or sublicense its license rights to any other person or
entity, or use the Software on unauthorized or secondhand Cisco equipment,
and Customer acknowledges that any attempted transfer, assignment,
sublicense or use shall be void;
(ii) make error corrections to or otherwise modify or adapt the Software or
create derivative works based upon the Software, or permit third parties to do
the same;
(iii) decompile, decrypt, reverse engineer, disassemble or otherwise reduce
the Software to human-readable form; or
(iv) use or permit the Software tobeusedto perform services for third parties
without the express written authorization of Cisco.
To the extent required by law, and at Customer’s written request, Cisco shall
provide Customer with the interface information needed to achieve
interoperability between the Software and another independently created
program, on payment of Cisco’s applicable fee, if any. Customer shall observe
strict obligations of confidentiality with respect to such information.
Software, Upgrades and Additional Copies. For purposes of this Agreement,
“Software” shall include (and the terms and conditions of this Agreement shall
apply to) computer programs, including firmware, as provided to Customer by
Cisco or an authorized Cisco reseller, and any upgrades, updates, bug fixes or
modified versions thereto (collectively, “Upgrades”) or backup copies of the
Software licensed or provided to Customer by Cisco or an authorized Cisco
reseller. NOTWITHSTANDING ANY OTHER PROVISION OF THIS
26
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
CiscoWorks SIMS Licensing and Registration
AGREEMENT: (1) CUSTOMER HAS NO LICENSE OR RIGHT TO USE ANY
ADDITIONAL COPIES OR UPGRADES UNLESS CUSTOMER, AT THE
TIME OF ACQUIRING SUCH COPY OR UPGRADE, ALREADY HOLDS A
VALID LICENSE TO THE ORIGINAL SOFTWARE AND HAS PAID THE
APPLICABLE FEE FOR THE UPGRADE; (2) USE OF UPGRADES IS
LIMITED TO CISCO EQUIPMENT FOR WHICH CUSTOMER IS THE
ORIGINAL END USER PURCHASER OR LESSEE OR WHO OTHERWISE
HOLDS A VALID LICENSE TO USE THE SOFTWARE WHICH IS BEING
UPGRADED; AND (3) THE MAKING AND USE OF ADDITIONAL COPIES
IS LIMITED TO NECESSARY BACKUP PURPOSES ONLY.
Proprietary Notices. Customer agrees to maintain and reproduce all copyright
and other proprietary notices on all copies, in any form, of the Software in the
same form and manner that such copyright and other proprietary notices are
included on the Software. Except as expressly authorized in this Agreement,
Customer shall not make any copies or duplicates of any Software without the
prior written permission of Cisco.
Protection of Information. Customer agrees that aspects of the Software and
associated Documentation, including the specific design and structure of
individual programs, are trade secrets and/or copyrighted materials of Cisco, its
suppliers or licensors. Customer shall not disclose, provide, or otherwise make
availablesuch trade secrets or copyrighted material in any form to any third party
without the prior written consent of Cisco. Customer shall implement reasonable
security measures to protect such trade secrets and copyrighted materials. Title to
Software and Documentation shall remain solely with Cisco, its suppliers or
licensors.
Term and Termination. This Agreement and the license granted herein shall
remain effective until terminated. Customer may terminate this Agreement and
the license at any time by destroying all copies of Software including any
Documentation. Customer’s rights under this Agreement will terminate
immediately without notice from Cisco if Customer fails to comply with any
provision of this Agreement. Upontermination,Customershalldestroy all copies
of Software and Documentation in its possession or control.
Customer Records. Customer grantstoCisco and its independent accountants the
right to examine Customer's books, records and accounts during Customer’s
normal business hours to verify compliance with this Agreement. In the event
such audit discloses non-compliance with this Agreement, Customer shall
promptly pay to Cisco the appropriate license fees.
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
27
CiscoWorks SIMS Licensing and Registration
Export. Software, including technical data, may be subject to U.S. export control
laws,includingthe U.S. Export Administration Actand its associated regulations,
and may be subject to export or import regulations in other countries. Customer
agrees to comply strictly with all such regulations and acknowledges that it has
the responsibility to obtain licenses to export, re-export, or import Software.
U.S. Government End User Purchasers. The Software and Documentation
qualify as “commercial items,” as that term is defined at 48 C.F.R. 2.101,
consisting of “commercial computer software” and “commercial computer
software documentation” as such terms are used in 48 C.F.R. 12.212. Consistent
with 48 C.F.R.12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4, Customer
will provide to Government end user, or, if this Agreement is direct Government
end user will acquire, the Software and software documentation with only those
rights set forth herein that apply to non-governmental customers. Use of this
SoftwareandDocumentation constitutes agreementby the Governmententity that
the computer software and Documentation is commercial, and constitutes
acceptance of the rights and restrictions herein.
Limited Warranty
Cisco warrants that commencing from the date of shipment to Customer (but in
case of resale by an authorized Cisco reseller, commencing not more than ninety
(90) days after original shipment by Cisco), and continuing for a period of the
longer of (a) ninety (90) days or (b) thesoftwarewarranty period (if any) set forth
in the warranty card accompanying the Product (if any): (a) the media on which
the Software is furnished will be free of defects in materials and workmanship
under normal use; and (b) the Software substantially conforms to its published
specifications. The date of shipment of a Product by Cisco is set forth on the
packaging material in which the Product is shipped. Except for the foregoing, the
Software is provided AS IS. This limited warranty extends only to the Customer
who is the original licensee. Customer’s sole and exclusive remedy and the entire
liability of Cisco and its suppliers and licensors under this limited warranty will
be, at Cisco’s option, repair, replacement, or refund of the Software if reported
(or, upon request, returned) to Cisco or the party supplying the Software to
Customer, if different than Cisco. In no event does Cisco warrant that the
Software is error free or that Customer will be able to operate the Software
without problems or interruptions. In addition, due to the continual development
of new techniques for intruding upon and attacking networks, Cisco does not
warrant that the Software or any equipment, system or network on which the
Software is used will be free of vulnerability to intrusion or attack.
28
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
CiscoWorks SIMS Licensing and Registration
Restrictions. This warranty does not apply if the Software, Product or any other
equipment upon which the Software is authorized to be used (a) has been altered,
except by Cisco, (b) has not been installed, operated, repaired, or maintained in
accordance with instructions supplied by Cisco, (c) has been subjected to
abnormal physical or electrical stress, misuse, negligence, or accident; or (d) is
licensed, for beta, evaluation, testing or demonstration purposes for which Cisco
does not charge a purchase price or license fee.
DISCLAIMER OF WARRANTY. EXCEPT AS SPECIFIED IN THIS
WARRANTY, ALL EXPRESS OR IMPLIED CONDITIONS,
REPRESENTATIONS, AND WARRANTIES INCLUDING, WITHOUT
LIMITATION, ANY IMPLIED WARRANTY OR CONDITION OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
NONINFRINGEMENT, SATISFACTORY QUALITY OR ARISING FROM A
COURSE OF DEALING, LAW, USAGE, OR TRADE PRACTICE, ARE
HEREBY EXCLUDED TOTHE EXTENT ALLOWED BYAPPLICABLE LAW
AND ARE EXPRESSLY DISCLAIMED BY CISCO, ITS SUPPLIERS AND
LICENSORS. TO THE EXTENT AN IMPLIED WARRANTY CANNOT BE
EXCLUDED, SUCH WARRANTY IS LIMITED IN DURATION TO THE
WARRANTY PERIOD. BECAUSE SOME STATES OR JURISDICTIONS DO
NOT ALLOW LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY
LASTS, THE ABOVE LIMITATION MAY NOT APPLY. THIS WARRANTY
GIVES CUSTOMER SPECIFIC LEGAL RIGHTS, AND CUSTOMER MAY
ALSO HAVE OTHER RIGHTS WHICH VARY FROM JURISDICTION TO
JURISDICTION. This disclaimer and exclusion shall apply even if the express
warranty set forth above fails of its essential purpose.
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
General Terms Applicable to the Limited Warranty Statement and Software License
Disclaimer of Liabilities. IN NO EVENT WILL CISCO OR ITS SUPPLIERS
BE LIABLE FOR ANY LOST REVENUE, PROFIT,OR LOST OR DAMAGED
DATA, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL,
OR PUNITIVE DAMAGES HOWEVER CAUSED AND REGARDLESS OF
THE THEORY OF LIABILITY OR WHETHER ARISING OUT OF THE USE
OF OR INABILITY TO USE SOFTWARE OR OTHERWISE AND EVEN IF
CISCO ORITSSUPPLIERS OR LICENSORS HAVE BEEN ADVISEDOF THE
POSSIBILITY OF SUCH DAMAGES. In no event shall Cisco’s or its suppliers’
or licensors’ liability to Customer, whether in contract, tort (including
negligence),orotherwise, exceed theprice paid by Customerforthe Software that
gave rise to the claim or if the Software is part of another Product, the price paid
for such other Product. The foregoing limitations shall apply even if the
29
CiscoWorks SIMS Licensing and Registration
above-stated warranty fails of its essential purpose. BECAUSE SOME STATES
OR JURISDICTIONS DO NOT ALLOW LIMITATION OR EXCLUSION OF
CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE ABOVE
LIMITATION MAY NOT APPLY TO YOU.
The Warranty and the Software License shall be governed by and construed in
accordance with the laws of the State of California, without reference to
principles of conflictoflaws. The United Nations Convention ontheInternational
Sale of Goods shall not apply. If any portion hereof is found to be void or
unenforceable, the remaining provisions of the Agreement shall remain in full
force and effect. Except as expressly provided herein, this Agreement constitutes
the entire agreement between the parties with respect to the license of the
Software and supersedes any conflicting or additional terms contained in any
purchase order or elsewhere all of which terms are excluded.
This document is to be used in conjunction with the documents listed in Documentation Roadmap, page 6.
CCVP, the Cisco Logo,and the Cisco Square Bridge logo aretrademarks of Cisco Systems, Inc.; Changing theWay
We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX,
Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo,
Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity,
Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive,
GigaStack, HomeLink, InternetQuotient, IOS, IP/TV, iQExpertise, the iQlogo, iQ Net Readiness Scorecard,iQuick
Study, LightStream, Linksys, MeetingPlace, MGX, Networking Academy, Network Registrar, Packet, PIX,
ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet,StackWise, The Fastest Wayto Increase Your Internet
Quotient, and TransPathare registered trademarks of Cisco Systems,Inc. and/or its affiliates in theUnited States and
certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of
the word partner does not imply a partnership relationship between Cisco and any other company. (0609R)
© 2006 Cisco Systems, Inc. All rights reserved.
30
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
Loading...