CSM (Cisco Security Manager) 4.10 error discovery of ASA with service-policy

Similar Questions

• Install Cisco Security Manager 4.7 on Hyper-V

  Hello

  Our clients want to install Cisco Security Manager on a Machine virtual Windows virtualized with Hyper-V. The only references documentation install the software on a Virtual Machine on Vmware systems.

  Can be installed without problems, and the installation will rely on the TAC if we open a support case?

  Best regards

  David

  While he expected to work (since CSM is essentially an application running on a Windows Server), it is not a system that meets the requirements of the Setup Guide.

  Then... If the TAC has found a problem related to this configuration when you need their help, they would be within their rights to say your installation is unsupported.

• API License - Cisco Security Manager

  I would like to know the license API to integrate a solution Algosec Cisco CSM. This license would cost or not?

  Q. what are the features of the API?

  A. based on the API access Cisco Security Manager to share information with other services essential network such as respect and analysis of advanced security systems to streamline their operations, security and compliance. Using a representational state transfer, external firewall compliance systems can directly request access to data from any security device managed by the Cisco Security Manager. Several suppliers of conformity of safety including Tufin Algosec and Skybox, have updated their products to work with the new APIs in the Cisco Security Manager

  http://www.Cisco.com/en/us/prod/collateral/vpndevc/ps5739/ps6498/qa_c67-727089.html

  I'm waiting for return,

  Aldo Melo Lopes

  Yes. The fare is US$ 5,000.

  The product number is 'L-CSMPR-API' (Cisco Security Manager Pro - license for access to the API).

• Cisco Security Manager

  Hello

  I have a question about Cisco Security manager. We manage approximately 70 firewalls and bought the MSC to manage with policies, etc.

  Is it possible to make changes in SSH or ASDM If Cisco Security Manager is inaccessible?

  I need a way to backup for the configs before I can deploy.

  Any advice will be appreciated

  Kind regards

  Ian Oliver

  You can always return to the local management.

  If you do, you need to be sure to use functionality of the CSM 'Detect changes in band.

  http://www.Cisco.com/c/en/us/TD/docs/security/security_management/Cisco _...

  You need to reconcile and integrate those changes in band CSM once it is available / accessible so that it fit, any change in its baseline for the camera - otherwise he crushes them in the next deployment.

• IPS Manager Express or Cisco Security Manager?

  Hi all

  We think buy the license for the 5512 IPS - that of above (IPS Manager Express or Cisco Security Manager) is the right tool to read about management purposes? Or I can be selected? If I can choose either, which guy are you advocating?

  See you soon!

  M

  How many systems do you have? If the number is high, the CSM is the way to go. Manage many systems (and keep them in sync with the same political) with IDM and IME is a nightmare. But if it is a single system, the EMI is the right tool for you. It works very well for the follow-up (up to 10 devices) and can also manage them (individually, it is not so easy for more then another system). And it's free.

  --
  Don't stop once you have upgraded your network! Improve the world by lending money to low-income workers:
  http://www.Kiva.org/invitedBy/karsteni

• I would like to implement Cisco Security Manager demo and requirement, I have about 500 devices

  I want to implement Cisco Security Manager .demo and requirement, I have about 500 aircraft and which is sutabale also want to access VPN management

  And what is your question?

• Cisco Security Manager integration with Cisco ACS troubleshooting

  Hi all!

  I have a problem with the integration between Cisco Security Manager and ACS. I've done the integration, but the identity of the user system doesn't have enough privileges. I know what the problem is, but I don't know how I can change the login of the ACS to the local MSC?

  I found a file that specifies the following:

  Q.

  Is there a backend script or command line interface options to change the ACS to local CicsoWorks connection module?

  A.

  To restore the server LMS ACS local user mode mode, stop the CiscoWorks

  demons and run the following script:

  NMSROOT/bin/perl ResetLoginModule.pl

  (for Solaris)

  NMSROOT\bin\perl ResetLoginModule.pl

  (for Windows)

  Then, restart the daemon.

  I did it, but does not work, any idea?

  Hello

  I guess you can try to go through the question on WSC and GBA integration troubleshooting:

  http://www.Cisco.com/en/us/docs/security/security_management/cisco_security_manager/security_manager/3.0/troubleshooting/guide/rbacts.html#wp1043629

  Few things might have gone wrong:

  1 - this command must be run on the server MCS cmd prompt (make sure that you are not on the client computer)

  2 - NMSROOT is the directory were MSC Server is installed. Is usually c:\Progra~1\CSCOpx

  3. you must stop the deamon Manager before performing this action (and restart)

  For example if the directory is the one above to reset the connection locally, you can try the following:

  net stop crmdmgtd---> that stops the daemon Manager (can be done by the services window)

  c:\Progra~1\CSCOpx\bin\perl c:\Progra~1\CSCOpx\bin\ ResetLoginModule.pl---> restores local authentication

  net start crmdmgtd---> restart the Daemon Manager

  Can you maybe try again and let me know how it goes?

  Thank you

• Cisco Security Manager license key

  Hello

  We have installed in the Cisco Security Manager version 3.3.1 years back and now want reinstalled on the other server, but do not know the license key.

  Please guide how we can find the license key.

  Thank you

  You should be able to go on the Cisco license management portal and click on view existing licenses for licenses that are related to your CCE identifier:

  https://Tools.Cisco.com/swift/LicensingUI/QuickStart

  You can even use the wizard to transfer the license on the new server as a Rehost license.

  Please rate useful messages and mark this question as answered if, in fact, does that answer your question.  Otherwise, feel free to post additional questions.

  Charles Moreton

• NCS and Cisco Security Manager 4.2 servers

  Hi all

  I spec'ing on two new servers; one is for a box of first NCS and other area of Cisco Security Manager 4.2. I have decided to go with the range servers Cisco UCS, but am a little unsure of something on the said recommended in the datasheet for the AC.

  The NCS data sheet

  http://www.Cisco.com/en/us/prod/collateral/wireless/ps5755/ps11682/ps11686/ps11688/data_sheet_c78-650051.PDF

  ... reads as follows:

  ******************************

  If the first Cisco NCS deployment as a virtual appliance on a server provided by the customer, one of the following versions

  VMware ESX or ESXi can be used:

  Version of VMWare ESX or VMWare ESXi 4.1

  ******************************

  This means that the NCS software MUST be be virtualized, or can it be installed and simply turn on something like Windows Server 2008? If Yes, through a serious disk image?

  Secondly,.

  the two servers are running RAID arrays and I was wondering what are your views on the execution of any (OS, Cisco software, records and other data) set on the RAID array, or the OS and Cisco software on a separate boot disk and store data only on the RAID?

  I see no reason why it would not run together on the RAID, but I'm curious to know what you think about it.

  In addition, we are upgrading our WCS courses and I was wondering if some kind of migration is necessary or can we just install fresh NCS on the server and configure it accordingly.

  See you soon,.

  -Dave

  Dave,

  For the first part, the NCS works only as a virtual machine.  You can buy the device hardened to it, but it's still a virtual machine, NCS is presented as a .ova.

  Regarding separate them, with NCS I don't think you'll be able to.

  Steve

• Install cisco Security Manager

  Hello:

  I aquire a license CSM and need to install, just have a server and it is installed 3.2 LMS.

  Follow the installation instructions, I found that this CSM cannot be installed on the same server as LMS.

  This is the paragraph:

  "We do not support the coexistence of Security Manager with any third-party software or other software from Cisco (including any brand CiscoWorks 'solution' or 'package', such as the LAN Management Solution [SGA] or the [MV] security/VPN Management Solution), unless we declare explicitly otherwise in this guide, or http://www.cisco.com/go/csmanager .

  "

  Someone can tell me if this is permanent or can install both on the same server.

  Thank in advanced

  No problem at all :). Please rate if you find useful messages.

  Concerning

  Farrukh

• Cisco Security Manager v3.3.1 & windows 7

  I have a client who uses the CSM worm 3.3.1 on windows XP without any problem.

  However, since they began to upgrade their devices to windows 7, they are in trouble.

  They can launch the Device Manager to make configuration changes to an ASA, but cannot open the syslog Viewer for troubleshooting procedures.

  Is this a compatibility issue between the version of the CSM & windows 7 & If yes what version of the CSM they need to upgrade to?

  Thank you very much

  Colin

  Windows 7 is not among the operating systems supported for the installation of the CSM 3.3.1 client software. Reference.

  4.1 the MSC was the first version to support Windows 7 clients. Reference.

  If you move from 3.3.1 to 4.x however, recommended version would be the current one - 4.4 to date.

• Cisco Security Manager is vulnerable to the CVE-2014-0160 - aka Heartbleed

  Dear all,

  We have MSC 4.4.0 SP2 patch 1 installed without default configuration.

  According to cisco, CSM is list of vulnerable products with cisco ID CSCuo19265bug.

  Do I need to take measures for my MSC?

  Thank you & best regards

  Ahmed...

  I recommend you tradeoff HTTPS access to the MCS server for the few customers who actually need access, until a fix has been released. This way you can at least limit the amount of customers who might use this leak.

• Update Signature IPS S511 for Security Manager

  Hello!

  Anyone tried to use up-to-date signature IPS S511 for Cisco Security Manager?

  I downloaded the IPS-CS-MGR-sig-S511-req-E4.zip file and checked md5 somm. The amount calculated was as specified on the cisco.com site. But it is impossible to use the zip file.

  Unzip the following shows:

  [email protected] / * /: / tmp/u > unzip-l IPS-CS-MGR-sig-S511-req-E4.zip
  Archive: IPS-CS-MGR-sig-S511-req-E4.zip
  End-of-Central-Directory signature not found.  Either this file is not
  a zip file, or it is one of the discs of a archive in several part.  In the
  This last case the central directory and zipfile comment will be located on
  the last records of this archive.
  unzip: cannot find zipfile directory in one of the IPS-CS-MGR-sig-S511-req-E4.zip or
  IPS-CS-MGR-sig-S511-req-E4.zip.zip and cannot find IPS-CS-MGR-sig-S511-req-E4.zip.ZIP, period.

  WinZip is an error too.

  had the file IPS-CS-MGR-sig-S511-req-E4.zip be removed as with 8,0000 3427 MARCH upgrade?

  Kind regards

  This issue has been addressed and CSM should be able to retrieve and deploy S511 successfully.

  Scott

• ASA fire services and security context

  Hello.

  We have an old asa 5510, and we would like to change with a new x 5525 asa with services of firepower, using the fueatures IPS.

  In the firewall of the production, we organize 6 security contexts; so the question is: If buy us this product, we can use IPS FirePower feauters in any security context or do we not have limits?

  Thank you

  Daniele

  The only restriction is that one set of politics of power must be applied for all contexts will share policy.

• ProBook 4530 s: error 1325 on trying to uninstall HP ProtectTools Security Manager

  I'm trying to uninstall HP ProtectTools Security Manager because it is a prerequisite for the installation of Windows 10.  However, try to uninstall through Control Panel > programs and features, I receive the following error message:

  

  Title bar: HP ProtectTools Security Manager Installer Information

  Error: error 1325.Hewlett - Packard is not a valid short file name.

  I am connected to a local administrator account.  I tried to use Revo Uninstaller, but it does not find HP ProtectTools Security Manager.

  Any advice or solutions for uninstall this would be very appreciated.  Thanks in advance!

  My first research:

  http://h30434.www3.HP.com/T5/notebook-operating-systems-and-software/HP-ProtectTools-password-manage...

  http://h30434.www3.HP.com/T5/notebook-operating-systems-and-software/removal-Uninstall-HP-ProtectToo...

  It will its weird, but it actually has a really simple solution. Go to Device Manager and disable your DVD player. Then run the uninstall, and avoid the error. You can reactivate later without any problems.