Cisco Systems OL-11757-01 User Manual
Supplement and Release Notes for
CiscoWorks Security Information
Management Solution (SIMS) 3.4.1
OL-11757-01
Revised October 31, 2006
This document provides Cisco-specific information to supplement the
CiscoWorks Security Information Management Solution (SIMS) 3.4.1
documentation, developed by netForensics, Inc. This document contains:
• Acknowledgements, page 2
• Important Information About This Update, page 2
• Product Availability Change Notice, page 6
• Documentation Roadmap, page 6
• Obtaining Documentation, page 11
• Documentation Feedback, page 13
• Cisco Product Security Overview, page 13
• Product Alerts and Field Notices, page 15
• Obtaining Technical Assistance, page 15
Corporate Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
© 2006 Cisco Systems, Inc. All rights reserved.
Acknowledgements
• Obtaining Additional Publications and Information, page 18
• CiscoWorks SIMS Licensing and Registration, page 19
Acknowledgements
CiscoWorks SIMS is the netForensics, Inc., Security Information Management
Solution. This product is offered to Cisco Systems customers in cooperation with
netForensics, Inc.
Important Information About This Update
Caution If you use a CiscoWorks SIMS version earlier than 3.4, you must upgrade to
version 3.4 beforeyoutrytoinstalltheCiscoWorksSIMS3.4.1update.You must
not apply this update to any CiscoWorksSIMSversionearlierthan3.4.Ifyou do,
your server might become unstable or unusable.
Topics in this section describe how this release differs from earlier releases:
• Updated Documents, page 2
• Agents in This Update, page 3
Updated Documents
The following netForensics guides are updated for the CiscoWorks SIMS 3.4.1
release. For information about where you can obtain them, see
nFX_OSP3.4.1ReleaseNotes.Cisco.pdf:
• nFX OSP Unix and Windows Installation Guide
• nFX OSP Administration and Configuration Guide
• nFX OSP User’s Guide
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
2
OL-11757-01
• nFX OSP Reports Guide
• nFX OSP Vulnerability Correlation Administration Guide
See Documentation Roadmap, page 6 for detailed information.
Agents in This Update
This update includes new and changed agents. To learn more, see these topics:
• Changed Terminology, page 3
• New and Replaced Agents, page 3
• Updated Agents, page 4
• Agent Installation Notes, page 5
Changed Terminology
The 3.3 Consolidated Agent from CiscoWorks SIMS 3.3 has been renamed. Its
new name is Agent Installation (October 2006).
Important Information About This Update
New and Replaced Agents
Agent Installation (October 2006) includes the following new agents:
• nF Agent for AirDefense Enterprise Agent
• nF Agent for Fortinet FortiGate
• nF Agent for Microsoft ISA Server
• nF Agent for Microsoft SQL Server
• nF Agent for RippleTech Informant
• nF Agent for Unix OS
• nF Agent for Websense Enterprise
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
3
Important Information About This Update
Note nF Agent for Unix OS replaces the following two agents:
• nF Agent for HP Unix
• nF Agent for IBM AIX OS
Updated Agents
Agent Installation (October 2006) includes updates to the following agents:
• nF Agent for Sidewinder
• nF Agent for Dragon Sensor
• nF Agent for Sourcefire EStreamer
• nF Agent for Real Secure ISS Site Protector
• nF Agent for Real Secure Desktop Protector
• nF Agent for Arbor Peakflow X
• nF Agent for Cisco Secure IPS
• nF Agent for Symantec AntiVirus
• nF Agent for Foundstone Scanner
• nF Agent for Syslog File Agent (syslog)
• nF Agent for Syslog File Agent (Java)
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
4
OL-11757-01
Agent Installation Notes
The version of CiscoWorks SIMS that you have determines whether, how, and
when you use Agent Installation (October 2006). For detailed information, see
nFAgentReleaseNotes(October2006).Cisco.pdf.
Version Notes
3.4.1
3.4
3.3.1
3.3
or earlier
You already have the software that this update contains.
You must apply Point Update 58405 from the Agent Installation (October 2006)CD-ROM
before you install any of the agents included in this release:
• nFSIM-3.4-PNTUPD-58405.tar.gz is in the Prerequisite Point Updates/3.4
Prerequisite subdirectory.
• For detailed installation instructions, see Point Update 58405 for CiscoWorks SIMS
3.4 Release Notes, in the Documents subdirectory.
You must apply Point Update 58404 from the Agent Installation (October 2006)CD-ROM
before you install any of the agents included in this release:
• nFSIM-3.3.1-PNTUPD-58404.tar.gz is in the Prerequisite Point Updates/3.3.1
Prerequisite subdirectory.
• For detailed installation instructions, see Point Update 58404 for CiscoWorks SIMS
3.3.1 Release Notes, in the Documents subdirectory.
You must complete this procedure before you install any of the agents included in
this release:
1. Upgrade to CiscoWorks SIMS 3.3.1.
For detailed upgrade instructions, see either:
• nFX OSP Version 3.3.1 Release Notes.
or
• nFX OSP Version 3.3.1 Migration Update Release Notes.
2. From the Agent Installation (October 2006) CD-ROM, apply Point Update 58404:
• nFSIM-3.3.1-PNTUPD-58404.tar.gz is in the Prerequisite Point Updates/3.3.1
Prerequisite subdirectory.
• For detailed installation instructions, see Point Update 58404 for CiscoWorks
SIMS 3.3.1 Release Notes, in the Documents subdirectory.
Important Information About This Update
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
5
Product Availability Change Notice
Product Availability Change Notice
Note • Although certain earlier releases of CiscoWorks SIMS provided a Starter Kit
option, CiscoWorks SIMS 3.4.1 does not. Instead, you can purchase the
CiscoWorks SIMS Enterprise Lite software, which provides additional
software components. See Additional License Restrictions, page 20.
• Registered CiscoWorks SIMS Starter Kit customers will receive a Starter Kit
upgrade to CiscoWorks SIMS 3.4.1. See Additional License Restrictions,
page 20.
• Registered CiscoWorks SIMS Starter Kit users can follow an upgrade path to
either CiscoWorks SIMS Enterprise Pack or CiscoWorks SIMS Enterprise
Lite. See Additional License Restrictions, page 20.
Documentation Roadmap
To install and use CiscoWorks SIMS effectively, read the core documents
described in Table 1 on page 7 in the order listed.
Note • We might update this document after its original publication. Therefore, you
should also review it on Cisco.com for any updates.
• To view Adobe Portable Document Format (PDF) files, Adobe Acrobat
Reader 4.0 or later is required.
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
6
OL-11757-01
Table 1 Sequence to Read Core CiscoWorks SIMS Documentation
PDF Filename Document Title;
Description and Intended Audience;
Part Number
1. nfsupp341.pdf
(this document)
Supplement and Release Notes for CiscoWorks Security Information
Management Solution 3.4.1
All users; describes Cisco-specific registration, licensing, product,
features, known problems, and other information to supplement the
documentation written by netForensics, Inc.
OL-11757-01 X X
2. nFX_OSP3.4.1Release
Notes.Cisco.pdf
CiscoWorks SIMS Version 3.4.1 Release Notes
All users; describes system requirements, supported platforms, product
installation, product feature highlights, and known issues.
OL-11535-01 X X
3. nFAgentReleaseNotes
(October2006).Cisco.pdf
CiscoWorks SIMS Agent Installation (October 2006) Release Notes
All users; describes required configuration tasks for the Agent
Installation (October 2006) release.
OL-11579-01 X X
4. nFX_OSP_HCE_Relea
seNotes.Cisco.pdf
nFX OSP Historical Correlation Engine Release Notes
All users; describes system requirements, supported platforms, product
installation, product feature highlights, and known issues.
OL-10759-01 X X
Documentation Roadmap
Written By
netForensics
Written By
Cisco Systems
PDF in the CiscoWorks SIMS
ISO Image on Cisco.com
HTML and PDF
on Cisco.com
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
7
Documentation Roadmap
Table 1 Sequence to Read Core CiscoWorks SIMS Documentation (continued)
PDF Filename Document Title;
Description and Intended Audience;
Part Number
Written By
5. nFX_OSP_DeplPlanIm
plGuide.Cisco.pdf
nFX OSP Deployment Planning and Implementation Guide
Version 3.4
All users; describes CiscoWorks SIMS (nFX OSP) architecture,
components, use cases, options, and requirements, and provides case
studies.
OL-10758-01 X X
6. nFX_OSP_InstallGuide
.Cisco.pdf
nFX OSP Unix and Windows Installation Guide
Red Hat Enterprise Linux AS 2.1, AS 3.0
Solaris 8, Solaris 9 (SPARC)
Windows 2000 Server and Advanced Server
Windows 2003
Version 3.4.1
October 2006
Network and system administrators; provides details about the
preparation for and installation of CiscoWorks SIMS (nFX OSP).
OL-11681-01 X X
7. nFX_OSP_Administrati
onGuide.Cisco.pdf
nFX OSP Administration and Configuration Guide
Version 3.4.1
All users; describes the user interface, architecture and concepts,
prerequisites, configuration, user settings, component and
administrative options, database management and performance,
reports, device message formats, diagnostics, maintenance, rollback
and fault tolerance.
OL-11531-01 X X
netForensics
Written By
Cisco Systems
PDF in the CiscoWorks SIMS
ISO Image on Cisco.com
HTML and PDF
on Cisco.com
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
8
OL-11757-01
Documentation Roadmap
Table 1 Sequence to Read Core CiscoWorks SIMS Documentation (continued)
PDF Filename Document Title;
Description and Intended Audience;
Part Number
Written By
8. nFX_OSP_UsersGuide.
Cisco.pdf
nFX OSP User’s Guide
Version 3.4.1
Network security professionals and general users; describes how to use
CiscoWorks SIMS (nFX OSP) to view and analyze security information
in a computer network.
OL-11532-01 X X
9. nFX_OSP_AdvancedU
sersGuide.Cisco.pdf
nFX OSP Advanced User’s Guide
Version 3.4
Network security professionals, system and network administrators;
describes security monitoring strategy, best practices, the need
for—and importance of—computer forensics, and the advantages
derived from incident response.
OL-10757-01 X X
10. nFReportsguide.Cisco.
pdf
nFX OSP Reports Guide
Version 3.4.1
Network security professionals and system administrators; provides
details about the reporting tools.
OL-11533-01 X X
11. nFX_OSP_IRMAdmin
guide.Cisco.pdf
nFX OSP Incident Resolution Management Administration Guide
Version 3.4
All users.
OL-10760-01 X X
netForensics
Written By
Cisco Systems
PDF in the CiscoWorks SIMS
ISO Image on Cisco.com
HTML and PDF
on Cisco.com
Supplement and Release Notes for CiscoWorks Security Information Management Solution (SIMS) 3.4.1
OL-11757-01
9
Loading...