CSPM Features

CSPM (formerly Cisco Security Manager) is a powerful security policy management application that is designed around the integration of Cisco Secure PIX Firewalls, Internet Protocol Security (IPSec) VPN-capable routers, routers running the Cisco IOS Firewall feature set, and Intrusion Detection System (IDS) sensors.

Currently, CSPM is available only on the Windows NT platform.

CSPM provides a tool that enables the security administrator to define, enforce, and audit security policies for distributed Cisco Secure PIX Firewalls, IPSec VPN-capable routers, and routers running the Cisco IOS Firewall feature set. The software enables the administrator to formulate complex security policies based on organizational needs. CSPM then converts these policies to detailed configurations and distributes them to the specific security devices in the network.

The main features of CSPM are as follows:

  • Cisco firewall management— CSPM empowers the user to define complex security policies and then distribute these to several hundred PIX Firewalls or routers running the Cisco IOS Firewall. Full management capabilities are available for the firewalls.

  • Cisco VPN router management— IPSec-based VPNs can be easily configured by using the simple graphical user interface (GUI). As with firewall management, this VPN configuration can be distributed to several hundred PIX Firewalls or routers running the Cisco IOS Firewall.

  • Security policy management— The GUI enables the creation of network-wide security policies. These security policies can be managed from a single point and delivered to several hundred firewall devices without requiring extensive device knowledge or dependence on the CLI.

  • Intelligent network management— The defined security policies are translated into the appropriate device commands to create the required device configuration. The device configuration is then securely distributed throughout the network, eliminating the need for device-by-device management.

  • Notification and reporting system— CSPM provides a basic set of tools to monitor, alert, and report activity on the Cisco Secure devices. This provides the security administrator with both reporting information that can be used to ascertain the current state of the security policy and a notification system to report various conditions. Along with the built-in notification and reporting tools, the product also implements and integrates with leading third-party monitoring, billing, and reporting systems.

Figure 8-1 shows the main configuration screen of the CSPM.

Figure 8-1. CSPM


The following devices and software revisions are supported by CSPM:

  • Cisco Secure PIX Firewall

    - PIX OS 4.2.4, 4.2.5, 4.4.x, 5.1.x, 5.2.1

  • Cisco router/firewall and Cisco VPN gateway

    - IOS 12.0(5)T, XE

    - IOS 12.0(7)T

    - IOS 12.1(1)T, E, XC

    - IOS 12.1(2), T, (2) T, E, XH, (3) T, X1

  • Cisco Secure Intrusion Detection System sensor

    - 2.2.0.x

    - 2.2.1.x

    - 2.5.0

  • Cisco Secure Intrusion Detection System line card

    - Catalyst 6000 2.5 IDSM

NOTE

A Cisco router/firewall is a Cisco router running the firewall feature set. A Cisco VPN gateway is a Cisco router running the IPSec VPN feature set. These feature sets are part of the Cisco IOS Firewall and Cisco Secure Integrated VPN Software solutions for Cisco routers.

