Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1483
Views
0
Helpful
14
Replies

Manage 300 ASAs

Go to solution
andre.ortega
Spotlight

‎08-13-2008 07:00 AM

I have 300 connected sites the head office, through VPN. All of the sites use Cisco ASA. And now I need a software to manage all these equipments (monitor and configure). What can use?

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
andrew.burns
Level 7
Level 7
In response to andre.ortega

‎08-15-2008 01:02 AM

Hi,

The base product support's 50 devices but CSM can be licensed to support 1000's of devices.

HTH

Andrew.

View solution in original post

0 Helpful

Go to solution
Farrukh Haroon
VIP Alumni
VIP Alumni
In response to akemp

‎08-19-2008 10:44 PM

You definitely have to look at the CSM for 'management' of 300 ASAs. CiscoWorks does not offer much in terms of day to day management tasks and security policy management (It is not meant for this anyway).

Regards

Farrukh

View solution in original post

0 Helpful
14 Replies 14

Go to solution
mvsheik123
Level 7
Level 7

‎08-13-2008 11:06 AM

Please see the below link. It might be useful.

http://www.cisco.com/en/US/products/ps6498/index.html

hth

MS

0 Helpful

Go to solution
andre.ortega
Spotlight
In response to mvsheik123

‎08-13-2008 11:17 AM

Thanks,

but this product support only 50 devices.

Best Regards.

0 Helpful

Go to solution
andrew.burns
Level 7
Level 7
In response to andre.ortega

‎08-15-2008 01:02 AM

Hi,

The base product support's 50 devices but CSM can be licensed to support 1000's of devices.

HTH

Andrew.

0 Helpful

Go to solution
andre.ortega
Spotlight
In response to andrew.burns

‎08-15-2008 03:29 AM

Hi,

Where you see this information??

Do you have a link?

Regards,

André Ortega

0 Helpful

Go to solution
andrew.burns
Level 7
Level 7
In response to andre.ortega

‎08-19-2008 12:04 AM

Hi,

If you look at this bulletin under the section on Licensing you'll get the info you need:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps6498/product_bulletin_c25-458676.html

To quote:

"The Professional version supports incremental device license packages available in increments of 50, 100, 500, and 1000 devices."

HTH

Andrew.

0 Helpful

Go to solution
akemp
Level 5
Level 5

‎08-14-2008 05:40 AM

Ciscoworks LMS v3.1 can do that for you. It supports ASA configuration management in RME, monitoring via DFM and/or HUM and IPM.

Here are the current OID's for ASA's that are supported:

1.3.6.1.4.1.9.1.670

1.3.6.1.4.1.9.1.671

1.3.6.1.4.1.9.1.773

1.3.6.1.4.1.9.1.669

1.3.6.1.4.1.9.1.745

1.3.6.1.4.1.9.1.673

1.3.6.1.4.1.9.1.672

1.3.6.1.4.1.9.1.763

1.3.6.1.4.1.9.1.753

You can also use RANCID, but you're on your own for support.

0 Helpful

Go to solution
Farrukh Haroon
VIP Alumni
VIP Alumni
In response to akemp

‎08-19-2008 10:44 PM

You definitely have to look at the CSM for 'management' of 300 ASAs. CiscoWorks does not offer much in terms of day to day management tasks and security policy management (It is not meant for this anyway).

Regards

Farrukh

0 Helpful

Go to solution
andre.ortega
Spotlight
In response to Farrukh Haroon

‎08-20-2008 08:29 AM

Thanks all,

One more question: Do CSM do link and vpn monitor?

If a link or VPN go down, do the CSM generate a alarm?

0 Helpful

Go to solution
Farrukh Haroon
VIP Alumni
VIP Alumni
In response to andre.ortega

‎08-20-2008 10:31 AM

CSM is more of a security management software. It can monitor VPNs for sure. It comes with Cisco Performance Manager for such tasks.

Links are more the domain of CiscoWorks LMS DFM component.

Regards

Farrukh

0 Helpful

Go to solution
cisco24x7
Level 6
Level 6
In response to Farrukh Haroon

‎08-20-2008 04:00 PM

Farrukh,

Is this something you have first hand knowledge of? I am curious how many CSM

deployment you have done so far? What kind

of hardware did you run CSM on? How many

devices did you manage from CSM? How complex

were the rule base? How do you handle global

rules, administration?

Regards,

0 Helpful

Go to solution
Farrukh Haroon
VIP Alumni
VIP Alumni
In response to cisco24x7

‎08-20-2008 06:50 PM

I really don't get your question. Is it like 'Why' CSM was recommended' or is it 'Can it really do what you state' type of question?

Even tough I know your reaction is from one of my other posts on another thread, but lets keep it professional :)

Regards

Farrukh

0 Helpful

Go to solution
cisco24x7
Level 6
Level 6
In response to Farrukh Haroon

‎08-20-2008 07:05 PM

sorry if I offended you. It was not my intention to do so.

My question is why do you recommend Cisco CSM?

Is that something you have extensive experiences

with? Did you have positive experiences with

this product?

CSM has left a bitter taste in my mouth. I

wasted three months eval it and it was nothing

but trouble.

0 Helpful

Go to solution
Farrukh Haroon
VIP Alumni
VIP Alumni
In response to cisco24x7

‎08-20-2008 07:22 PM

No I don't feel offended at all. :)

Nah I don't recommend it, I was just responding to the original thread. However I'm still in the process of evaluating it. I have worked with LMS extensively tough.

I agree that there has been a lot of negative feedback about CSM in various circles, but I heard it has improved now? In fact there is news/rumour for some major announcements from Cisco pertaining to Security Management.

Regards

Farrukh

0 Helpful

Go to solution
cisco24x7
Level 6
Level 6
In response to Farrukh Haroon

‎08-20-2008 07:33 PM

I don't think CSM is getting any better.

It has gotten worse. I just wasted

8 hours last week installing CSM 3.2 on my

Win2k3 server. After that installing CSM

3.2, I tried to install Performance Monitor

module on top of CSM 3.2, it refused to

install. Getting better, I think not :-(

Regards,

David

0 Helpful
Customers Also Viewed These Support Documents
Top