VMS server for FWSM

koiflowerhorn · ‎05-31-2006

Our company recently bought a VMS for our to manage our FWSM. I would like to know where and what is the best practice to install the VMS for FWSM management. Currently we have a seperate segment for all our management server and i'm planning to add the vms to this segment. Should I configure the fwsm a separate vlan interface just for this management server?

VMS<=mngnt Int==> FWSM <====Inside====>

<====Outside===>

<======DMZ=====>

beecher · ‎05-31-2006

This is a general document on VMS deployment:

http://www.cisco.com/en/US/products/sw/cscowork/ps2330/products_white_paper0900aecd8021bff1.shtml

This is the topic of how to bootstrap the FWSM in preparation for management by VMS/FWMC:

http://www.cisco.com/en/US/products/sw/cscowork/ps3992/products_user_guide_chapter09186a008028ab17.html

FWMC just needs IP connectivity to the inside interface of the FWSM, so it is not necessary to configure a separate VLAN interface just for management.

I would also recommend that you consider upgrading to Cisco Security Manager which replaces a number of the VMS applications including FWMC. See http://www.cisco.com/go/csmanager.

Patrick Iseli · ‎05-31-2006

Might be a good idea to forget about VMS and use the new product CISCO SECURITY MANAGER which will replace VMS.

The upgrade is for free with valid Cisco contact.

The Cisco Security has much more features, better performance and is easyer to manage.

See:

http://www.cisco.com/en/US/partner/products/ps6498/index.html

http://www.cisco.com/en/US/partner/products/ps6498/tsd_products_support_series_home.html

sincerely

Patrick