Cisco security products

Hi all

not so sure that this post should be under this heading. I have a question to ask. The company network is based of CISCO and recently we had another provider has presented and Juniper. Juniper representatives who were promoting technology Juniper said a lot about CISCO which personally I didn't like. Is it true that the Juniper security products are top of the class and that CISCO is not? I'm confused. I feel that CISCO is still the leading provider of safety compared to other providers. I need insurance.

It is the work of the Juniper guys to sell their products. During the sale they will provide 3rd party reports saying that they are the best and Cisco is not. They show all of the weaknesses of Cisco. When you talk about Cisco, they do the same thing about Juniper devices. This is the area of the sale. Each provider has strengths and weaknesses. No one supplier is the best in all areas. We use Cisco firewalls and Juniper. We love the junipers because they can do things that are not Cisco. On the other hand, Cisco can do some things that Juniper impossible. It's all about what features are important to you and the placement of the device (s).

Hope that helps.

Tags: Cisco Security

Similar Questions

  • API License - Cisco Security Manager

    I would like to know the license API to integrate a solution Algosec Cisco CSM. This license would cost or not?

    Q. what are the features of the API?

    A. based on the API access Cisco Security Manager to share information with other services essential network such as respect and analysis of advanced security systems to streamline their operations, security and compliance. Using a representational state transfer, external firewall compliance systems can directly request access to data from any security device managed by the Cisco Security Manager. Several suppliers of conformity of safety including Tufin Algosec and Skybox, have updated their products to work with the new APIs in the Cisco Security Manager

    http://www.Cisco.com/en/us/prod/collateral/vpndevc/ps5739/ps6498/qa_c67-727089.html

    I'm waiting for return,

    Aldo Melo Lopes

    Yes. The fare is US$ 5,000.

    The product number is 'L-CSMPR-API' (Cisco Security Manager Pro - license for access to the API).

  • Cisco Secure ACS Solution Engine ping

    1. I installed Cisco Secure ACS Solution Engine with V3.3 and I can access via the http port 2002 but I can't it ping from anywhere in the network, but the server can ping every thing, is this normal.

    2. If I can't ping haw I can define the service keeplaive to load balance 2 ACS engine using CSS

    By the way, I forgot that ACS 3.3 device has a CSA integrated. This agent is enabled by default. He explains why you can't ping it.

    For enable/disable it, go to "System Setup Configuration - device. Toggle the checkbox enabled the CSA according to needs.

    http://www.Cisco.com/en/us/partner/products/sw/secursw/ps5338/products_user_guide_chapter09186a008023361d.html#wp859228

    Rgds,

    AK

  • Import batch of the NAS Cisco Secure v2.6?

    Hiya,

    We run Cisco Secure v2.6 & want to add all our routers in as "Network access servers" so that we can authenticate NT accounts.

    The problem we have is not with the configuration but the addition of some 300 routers - quite a long process I'm sure you can imagine!

    Anyway is batch import all of these routers - in a similar way to the users? Tried passing the various parameters in the URL, but this doesn't seem to work (think theres some smart java EFS it or aomething).

    Any suggestions would be received gratefull!

    Paul Woolnough

    [email protected] / * /.

    In addition to capacity CSUtil documented at

    http://www.Cisco.com/univercd/CC/TD/doc/product/access/acs_soft/csacs4nt/csnt24/csnt24ug/apimport.htm

    (CiscoSecure ACS database command line Utility), CSutil can also be used to import the NAS devices. It will import from a text file that lists the NAS so devices that their (local significance only) host name, ip address, key and Protocol.

    This is a sample file represents the syntax/format used for this import:

    ONLINE

    ADD_NAS:Router1:IP:10.31.1.51:key:Cisco:vendor:CISCO_T +.

    ADD_NAS:Router2:IP:10.31.1.52:key:Cisco:vendor:CISCO_R

    Here we see two NAS devices listed - ROUTER1 and ROUTER2, both using the key "Cisco", and the ip addresses are easy enough to identify it. And since ROUTER1 lists the parameter ' CISCO_T + ', it will be imported as using Ganymede +; We see a similar format to the NAS ROUTER2, which will be imported as using RADIUS.

    With the keyword "ONLINE" at the beginning of the file, the NAS devices will be imported while ACS is still running. It is a slow process, but it allows importing unfold without downing the ACS server. If you want to interrupt the services ACS temporarily while you perform this import, you can replace 'OFFLINE' to 'ONLINE '. Importation would complement then much faster.

    So the first task would be to build a text file using the format above, and for our example, we will say this file was named fred.txt. Once this file is created, you will need to copy this file in the following directory:

    C:\Program Files\CiscoSecure ACS v2.6\Utils

    And then at a command prompt, navigate to the same directory and run this command:

    CSUtil-i fred.txt

  • I would like to implement Cisco Security Manager demo and requirement, I have about 500 devices

    I want to implement Cisco Security Manager .demo and requirement, I have about 500 aircraft and which is sutabale also want to access VPN management

    And what is your question?

  • Cisco Security Manager

    Hello

    I have a question about Cisco Security manager. We manage approximately 70 firewalls and bought the MSC to manage with policies, etc.

    Is it possible to make changes in SSH or ASDM If Cisco Security Manager is inaccessible?

    I need a way to backup for the configs before I can deploy.

    Any advice will be appreciated

    Kind regards

    Ian Oliver

    You can always return to the local management.

    If you do, you need to be sure to use functionality of the CSM 'Detect changes in band.

    http://www.Cisco.com/c/en/us/TD/docs/security/security_management/Cisco _...

    You need to reconcile and integrate those changes in band CSM once it is available / accessible so that it fit, any change in its baseline for the camera - otherwise he crushes them in the next deployment.

  • Cisco Security Manager integration with Cisco ACS troubleshooting

    Hi all!

    I have a problem with the integration between Cisco Security Manager and ACS. I've done the integration, but the identity of the user system doesn't have enough privileges. I know what the problem is, but I don't know how I can change the login of the ACS to the local MSC?

    I found a file that specifies the following:

    Q.

    Is there a backend script or command line interface options to change the ACS to local CicsoWorks connection module?

    A.

    To restore the server LMS ACS local user mode mode, stop the CiscoWorks

    demons and run the following script:

    NMSROOT/bin/perl ResetLoginModule.pl

    (for Solaris)

    NMSROOT\bin\perl ResetLoginModule.pl

    (for Windows)

    Then, restart the daemon.

    I did it, but does not work, any idea?

    Hello

    I guess you can try to go through the question on WSC and GBA integration troubleshooting:

    http://www.Cisco.com/en/us/docs/security/security_management/cisco_security_manager/security_manager/3.0/troubleshooting/guide/rbacts.html#wp1043629

    Few things might have gone wrong:

    1 - this command must be run on the server MCS cmd prompt (make sure that you are not on the client computer)

    2 - NMSROOT is the directory were MSC Server is installed. Is usually c:\Progra~1\CSCOpx

    3. you must stop the deamon Manager before performing this action (and restart)

    For example if the directory is the one above to reset the connection locally, you can try the following:

    net stop crmdmgtd---> that stops the daemon Manager (can be done by the services window)

    c:\Progra~1\CSCOpx\bin\perl c:\Progra~1\CSCOpx\bin\ ResetLoginModule.pl---> restores local authentication

    net start crmdmgtd---> restart the Daemon Manager

    Can you maybe try again and let me know how it goes?

    Thank you

  • Cisco Secure ACS vs IAS in Windows

    Hi all

    I need deploy an AAA for the following situations.

    (1) remote access via Cisco VPN Clients.

    (2) AAA for wireless windows PC in remote areas

    (3) AAA for Cisco switches and routers in remote areas

    (4) authentication with a windows domain

    The the Windows IAS would be virtually free that we already have Windows 2003 domain controllers at each remote site. However, Cisco Secure ACS might also be an option. Not all have experience in these two?

    What are the positives\negatives of each? and limits?

    Does anyone have any information on case study etc. in comparing the two?

    Your help is greatly appreciated.

    Kind regards

    Andy

    PS: There is a limitation in Windows 2003 Standard edition, which limits the number of Radius clients to 50. Although we have more than 50 potential clients in society, no site has more than 50 altogether.

    MS IAS allows you to implement the solution using only the RADIUS protocol

    ACS offers the feature to use RADIUS as well as GANYMEDE.

    Looking 4 solutions you want to implement, only 3rd solution will be a little easier with GANYMEDE, but even once it not something you can not implement using RADIUS.

    On the limitation of Radius client, ACS offers a large database that you can use for customers, so limiting to 50 customers. In addition many many features, you'll love to integrate into your network as the NAP/NAC implementation, made it easier.

    So you need to check if you have the budget, you can go to ACS, IAS on the other can work well for all solutions (except limitation of radius client, I m sure that MS can provide a workaround solution).

    the following link can help you with information on sales of ACS:

    http://wwwIn-nmbu.Cisco.com/thevault/files/1027/5/ACS4.1-Sales-guide%20April%204%202007.htm

  • Cisco Security Agent cannot close port 135/tcp on Windows hosts

    Hello

    I met with the problem that Cisco Security Agent cannot close port 135/TCP on PC windows (XP or Win7).

    I configured the network access control module to prevent all client/server connections to port tcp/135 of the rule.

    I checked my police using nmap, so this port (TCP/135) 20 minutes shows as filtered and I see connect event monitor on the CSA MC, over the next 20 minutes he see as open and no newspaper doesn't show. (not exact time, then it maybe 30 minutes or 5, this varies)

    Can someone explain how TCP/135 works and it is possible to close it using the CSA?

    Thanks in advance

    There is another question for the same problem on the forums (see: CSA 6.0.2.145 problem with windows firewall 7). I wrote: -.

    "I advanced and tested in the laboratory with winXP and CSA 602-149 (later). I've defined a rule with DENY tcp/135 and ran the nmap and reports of open (wireshark performances to the syn syn - ack). I changed it to a REFUSAL of PRIORITY and now closed nmap reports (wireshark shows restore the syn). Through the CLI, netstat - a watch the pc listening on tcp/135 & disabling the syn CSA Gets the syn - ack response. For me, this means a few flaws. 1: DENY should block tcp135 syn & 2: CSA does not send reset (it needs to be reset). Is it possible to open a TAC case and put my name (mwinnett) in it, and I'll open a defect. »

    Matthew

  • Cisco security agents - Solaris zones

    Hello

    If anyone can help in question with the CSA?

    Are there official information that Cisco Security Agent cannot be installed on Solaris zones. Information on versions of Solaris, but not on the areas of release notes.

    Please visit the following link:

    The requirements for Solaris systems officer

    http://www.Cisco.com/en/us/docs/security/CSA/CSA601/Release_notes/CSA601RN.html#wp196425

    SongL

  • Install Cisco Security Manager 4.7 on Hyper-V

    Hello

    Our clients want to install Cisco Security Manager on a Machine virtual Windows virtualized with Hyper-V. The only references documentation install the software on a Virtual Machine on Vmware systems.

    Can be installed without problems, and the installation will rely on the TAC if we open a support case?

    Best regards

    David

    While he expected to work (since CSM is essentially an application running on a Windows Server), it is not a system that meets the requirements of the Setup Guide.

    Then... If the TAC has found a problem related to this configuration when you need their help, they would be within their rights to say your installation is unsupported.

  • When Cisco Security Agent 6.0.2 comes out?

    When Cisco Security Agent 6.0.2 comes out?  Go off the 32-bit operating system and on Windows 2008 64 - bit OS.

    Scheduled for this month.

  • Cisco Secure ACS 4.2 on VMware ESX 4.0.

    We must move from ESX 3.5 to ESX 4.0 a virtual machine running Cisco Secure ACS for Windows version 4.2.

    This solution is compatible and supported by Cisco?

    Thank you.

    Andrea

    ACS Windows 4.2 is not supported by Cisco, when installed on VMWare ESX 4.0 in accordance with the following documentation:

    http://Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/device/guide/sdt42.html#wp37898

    Only ACS 5.1 is supported on ESX 4.0:

    http://www.Cisco.com/en/us/partner/docs/net_mgmt/cisco_secure_access_control_system/5.1/installation/guide/csacs_vmware.html

  • With Cisco Secure ACS for Windows GANYMEDE +, authentication fails with AD

    I'll put up a Cisco Secure ACS 4.2 server to act as a RADIUS server for switches and routers I use Windows 2003 server for the candidate countries.
    and an Active Directory of Windows 2003 server.  The ad server is very good, it is used for many other things.

    I've implemented ACS as defined nit it installation guide, including all the steps in the "Member Server" section of the installation guide
    When you use AD as an external database (e.g. setting up services to run with a domain administrator account, set up a machine called "CISCO"
    on the field, etc.).

    I've set the unknown user policy to use the database of Windows, if the internal database does not contain the details of the user.

    If I add a user to the internal database, authentication goes through fine, with an entry in the journal "Authentication," spent

    02-24-2010, 05:07:03, authentic failed, eXXXX, Network Administrators (NDG), X.X.X.X, (default), internal error, (get the internal error error message)

    I scoured google etc and just cannot come up with any reason why this should be the case.
    I followed all of the installation to the letter guides.  I need to get this up and running as soon as possible,
    so am eager to know if someone can help me with this one!

    Thanks and greetings

    Sharan

    George,

    Internal error is fairly generic, but a common situation, we see this error is when ACS is installed on a

    64-bit computer.  ACS would not work with the active Manager when it is installed on the 64-bit before machines

    ACS 4.2.1.

    -Jesse

  • Evaluation version for the cisco secure access control server

    Hello

    I can get the trial version for the cisco secure access control server. IF SO pls send me the link.

    Thank you

    Hi Thomas,

    You can download ACS for windows 4.1 or 4.2 from the link below:

    http://www.Cisco.com/cgi-bin/tablebuild.pl/ACS-win-eval

    For ACS 5.x, please visit cisco.com

    Download software > Security > Cisco Secure Access Control System 5.x > Secure Access Control System Software

    HTH

    Kind regards

    Jousset

    Please evaluate the useful messages-

Maybe you are looking for

  • SMB file sharing problem when connecting EA6350 to a larger network.

    Hi all I tried to set up a server of media for my colleagues, but have had problems for the last 3 days.  I searched all possible solutions on various forums and have managed to operate, only to discover the next day that he stopped.  I was able to g

  • How do you create animations in photoshop cs5?

    I create .gif animations in Photoshop elements for years, but may not have a grip on how to do the same thing in Creative Suite 5.5, how many time I prepare instructions has no importance.  Any tips?

  • 5.1 - VAAI vCD box Grayed Out

    Can someone tell me why the checkbox for "Enable NOTTM for quick commissioning" would be dimmed in vCD for my Cluster data store?  I check my host and it is supported on all data stores in the cluster of DS. I hope I just missed something.Thank you

  • DVCPRO HD 720 p Capture file size in pixels, etc.

    I'm above Final Cut 7 where I use AJA convince capture card DVCPRO HD 720 p 59,94 Ribbon from Panasonic 1400 bridge successfully for years. First, I adjusted all capture settings and sequence settings to conform to the DVCPRO HD 720 p 59.94:-Pixel fo

  • Why not work Stop markers on discs Blu - Ray?

    Yes, I know that it is because Adobe said they do not.However, what is the technical reason?  Will be this deficiency be corrected in a future version of Premiere Elements.Running:First Elements 11 under Microsoft 7 Professional