
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-13-2008 07:00 AM
I have 300 connected sites the head office, through VPN. All of the sites use Cisco ASA. And now I need a software to manage all these equipments (monitor and configure). What can use?
Solved! Go to Solution.
- Labels:
-
Network Management
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-15-2008 01:02 AM
Hi,
The base product support's 50 devices but CSM can be licensed to support 1000's of devices.
HTH
Andrew.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2008 10:44 PM
You definitely have to look at the CSM for 'management' of 300 ASAs. CiscoWorks does not offer much in terms of day to day management tasks and security policy management (It is not meant for this anyway).
Regards
Farrukh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-13-2008 11:06 AM
Please see the below link. It might be useful.
http://www.cisco.com/en/US/products/ps6498/index.html
hth
MS

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-13-2008 11:17 AM
Thanks,
but this product support only 50 devices.
Best Regards.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-15-2008 01:02 AM
Hi,
The base product support's 50 devices but CSM can be licensed to support 1000's of devices.
HTH
Andrew.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-15-2008 03:29 AM
Hi,
Where you see this information??
Do you have a link?
Regards,
André Ortega
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2008 12:04 AM
Hi,
If you look at this bulletin under the section on Licensing you'll get the info you need:
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps6498/product_bulletin_c25-458676.html
To quote:
"The Professional version supports incremental device license packages available in increments of 50, 100, 500, and 1000 devices."
HTH
Andrew.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-14-2008 05:40 AM
Ciscoworks LMS v3.1 can do that for you. It supports ASA configuration management in RME, monitoring via DFM and/or HUM and IPM.
Here are the current OID's for ASA's that are supported:
1.3.6.1.4.1.9.1.670
1.3.6.1.4.1.9.1.671
1.3.6.1.4.1.9.1.773
1.3.6.1.4.1.9.1.669
1.3.6.1.4.1.9.1.745
1.3.6.1.4.1.9.1.673
1.3.6.1.4.1.9.1.672
1.3.6.1.4.1.9.1.763
1.3.6.1.4.1.9.1.753
You can also use RANCID, but you're on your own for support.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2008 10:44 PM
You definitely have to look at the CSM for 'management' of 300 ASAs. CiscoWorks does not offer much in terms of day to day management tasks and security policy management (It is not meant for this anyway).
Regards
Farrukh

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-20-2008 08:29 AM
Thanks all,
One more question: Do CSM do link and vpn monitor?
If a link or VPN go down, do the CSM generate a alarm?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-20-2008 10:31 AM
CSM is more of a security management software. It can monitor VPNs for sure. It comes with Cisco Performance Manager for such tasks.
Links are more the domain of CiscoWorks LMS DFM component.
Regards
Farrukh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-20-2008 04:00 PM
Farrukh,
Is this something you have first hand knowledge of? I am curious how many CSM
deployment you have done so far? What kind
of hardware did you run CSM on? How many
devices did you manage from CSM? How complex
were the rule base? How do you handle global
rules, administration?
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-20-2008 06:50 PM
I really don't get your question. Is it like 'Why' CSM was recommended' or is it 'Can it really do what you state' type of question?
Even tough I know your reaction is from one of my other posts on another thread, but lets keep it professional :)
Regards
Farrukh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-20-2008 07:05 PM
sorry if I offended you. It was not my intention to do so.
My question is why do you recommend Cisco CSM?
Is that something you have extensive experiences
with? Did you have positive experiences with
this product?
CSM has left a bitter taste in my mouth. I
wasted three months eval it and it was nothing
but trouble.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-20-2008 07:22 PM
No I don't feel offended at all. :)
Nah I don't recommend it, I was just responding to the original thread. However I'm still in the process of evaluating it. I have worked with LMS extensively tough.
I agree that there has been a lot of negative feedback about CSM in various circles, but I heard it has improved now? In fact there is news/rumour for some major announcements from Cisco pertaining to Security Management.
Regards
Farrukh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-20-2008 07:33 PM
I don't think CSM is getting any better.
It has gotten worse. I just wasted
8 hours last week installing CSM 3.2 on my
Win2k3 server. After that installing CSM
3.2, I tried to install Performance Monitor
module on top of CSM 3.2, it refused to
install. Getting better, I think not :-(
Regards,
David
