08-12-2008 09:13 AM - edited 03-11-2019 06:30 AM
Hi, I have deployed ASA 5505 into Five locations and all are connected via STS Tunnel.
Now I want to know what is a next step for a Network Admin so that everything could work fine. Which of the softwares would you recommand for logs, monitoring or etc so that I could manage all entire things perfectly and troubleshhot the issues while it requires. Thanks
08-12-2008 09:27 AM
Hi,
Cisco Works suite will do the trick.
It works as SNMP server, syslog, configuration backup, alerts and so on.
As for the management, since there are only 5 ASAs you can use the individual ASDMs. Buying a Firewall MC Software (also part of Cisco Works) doesn;t make sense, since is quite expensive.
The lite version of Cisco Works:
http://www.cisco.com/en/US/products/sw/cscowork/ps2408/prod_brochure09186a00801c0a43.html
Please rate if this helped.
Regards,
Daniel
08-12-2008 09:37 AM
Hi, Can I get all features in Cisco ACS? Basically I am looking a softwares through which I could see bandthwidth usage per Tunnel wise and support Nelflow as well. A software which has all feature whether it is too expensive.
08-12-2008 09:51 AM
Waiting of your response
08-12-2008 03:53 PM
Is this something you have first-hand
experience with or just something you just
read from a Cisco brochure?
If Ciscowork is so good, then why does Cisco
also tout Cisco Security Manager as well?
08-12-2008 04:42 PM
In upcoming months, we will be deploying FW on 10 new sites and all will be connected va Tunnel. Which of the software would you recommand?
08-12-2008 06:44 PM
I can not recommend you any management software because:
1- I do not have much experience with Ciscowork managing ASA devices.
My previous experience with Ciscowork had not been a pleasant one.
2- I used Cisco Security Manager 2.5 years ago and the product
was/is a horrible. As a matter of fact, I decided to give it
another try a couple weeks ago. After installing CSM 3.2 on
my Windows 2003 Enterprise Server with Service Pack 2, I tried
to install Performance Monitoring on top of CSM 3.2 and it
refuses to install. Not a good product, IMHO.
3- Solsoft Policy Server is a somewhat better than Cisco CSM.
That being said, it is mainly used for Security policy
repository. It lacks a lot of features in Cisco CSM. But
in terms of policy management, it is definitely better than
CSM for sure.
I've been using Checkpoint Provider-1 for years so I have
a very high set of bar for management software product. Cisco
CSM and Solsoft are error-prone and sluggish (due to java-based).
By the way, if someone has successfully installed Performance
Monitor module on top of Cisco CSM, please let me know as well.
08-12-2008 07:46 PM
Farrukh :- Any suggestion
08-14-2008 07:17 AM
I have used both Solsoft and CSM. In my opinion if CSM is set up correctly, utilizing shared policies, object overrides, etc. It is much more useful and easier to manage a large number of devices or a small number of devices with a large number of rules or policies than Solsoft.
Talk with someone that has completed a successful deployment of CSM and then try it, I believe you should be able to demo it.
As far as, performance monitor goes, I have successfully installed it on the same box as CSM, but it was on a CSM 3.1.1 box. I don't believe I had to do any tricks to make it happen, I just followed the installation steps documented here on CCO.
08-15-2008 02:54 AM
"As far as, performance monitor goes, I have successfully installed it on the same box as CSM, but it was on a CSM 3.1.1 box"
Fair point. I have Windows 2003 Enterprise
Server with Service Pack 2 and Java version
1.6 running on it. There are no other
applications running on this server.
Hardware is an IBM x3650 with 10GB RAM and
dual "quad-core" Processors 3.16GHz.
I installed CSM 3.1.1 on this. Installation
went through fine. Reboot the box after
that.
I then installed Performance Montior. That
installation went fine too. Reboot the box
after that.
I then installed CSM 3.1.1 Service Pack 3.
That installation went fine. Reboot the box
after that.
I then logged into the CSM box from a Dell
Desktop Optiplex Gx620, 4GB RAM and 3.2 GHz
CPU. URL link is http://CSM-IP:1741
I then installed CSM client n the dell
desktop. connect again the CSM client. Then
I download the CSM client service pack 3.
Installed the CSM client after that.
Now I can log into the CSM with the CSM
client. The jump start page showed up.
I closed the jump start page. Now on my
screen, it tells me "connect to DCR" and
it hangs after that. I also tried from
different machines as well but same result.
When I tried URL http://csm-ip:1741, I tried
to go to Performance Monitor tab, it opens
another Browser and hang after that.
anyone know why?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide