cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
273
Views
0
Helpful
3
Replies
Highlighted
Beginner

Cisco Security Manager - worthwhile software?

Company has HA 5525 ASAs and a large wireless network with Prime. Monitoring is not so good; Solarwinds that is poorly licensed and configured. A number of times issues have gone unknown for a while because we do not have a good alerting system. Could CSM be a solution for the security side of things?

3 REPLIES 3
Highlighted
VIP Expert

CSM will help you retain Logs for historical logs you want to view, ASA  itself going end of Life soon or later, is it worth investing on  CSM at this stage, this is business call.

 

https://www.cisco.com/c/en/us/td/docs/security/security_management/cisco_security_manager/security_manager/4-7/user/guide/CSMUserGuide/evntchap.html#152083

 

Personally - I setup an SYSLOG Server and offload all the logs from ASA to SYSLOG Server - there are many tools available for how you can view the logs ( you can use Graylog)  free and open source.  which can be used for any other logs to store not only ASA.

 

not sure is this make sense for your requirement? feedback if that not meet your requirements to consider other options.



BB


*** Rate All Helpful Responses ***

Highlighted

In my opinion CSM has had its day and I rarely see any customers using it now.  The times I have seen it there were challenges with getting the software and licensing.

 

I agree with your comment that offload the logging.  I have configured a syslog server on CentOS so many times for this very purpose.

 

Maybe you should look at CDO.

Highlighted
Hall of Fame Guru

Cisco Defense Orchestrator (CDO) with Cisco Security Analytics and Logging (SAL) is a good option. It can manage your ASAs as well as Firepower appliances with FTD. It doesn't do Firepower service modules and a few more advanced features, but otherwise it is very simple to use and adds a lot of utility.

Content for Community-Ad

This widget could not be displayed.