Management software for the configuration of Cisco PIX firewalls and Cisco Catalyst 6500 Series Firewall Services Module
PRODUCT OVERVIEW
The CiscoWorks Management Center for Firewalls and CiscoWorks Auto Update Server Software provide manageability for the Cisco® firewall product line. The CiscoWorks Management Center for Firewalls features the "look and feel" of the Cisco PIX® Device Manager but offers centralized management scalability of up to 1000 Cisco firewalls.
CiscoWorks Management Center for Firewalls and CiscoWorks Auto Update Server Software are components of the CiscoWorks VPN/Security Management Solution (VMS). VMS is an integral part of the SAFE Blueprint from Cisco and combines Web-based tools for configuring, monitoring, and troubleshooting:
• VPNs
• Firewalls
• Network Intrusion Detection Systems (IDSs)
• Host-based Intrusion Prevention Systems (IPSs)
• Router-based IPSs
CiscoWorks VMS is an integrated security management solution that addresses the needs of both small- and large-scale VPN and security deployments by helping protect productivity gains and reduce operating costs. Unlike point security products from multiple vendors that can leave vulnerable gaps, CiscoWorks VMS provides a comprehensive solution that ties separate security and VPN technologies into a single secure network.
Intended Use
The CiscoWorks Management Center for Firewalls provides centralized management of access rules, Network Address Translation (NAT), intrusion detection, and VPN on Cisco firewalls. It supports centralized management of nearly any Cisco firewall security network including remote access; demilitarized zone (DMZ); small office or home office (SOHO); voice, storage, and wireless networks; Internet security; and management security provider scenarios.
New Features
CiscoWorks Management Center for Firewalls 1.3.3 is the follow-on version of the CiscoWorks Management Center for Firewalls 1.3: New features in 1.3.3 include:
• Cisco PIX Firewall Software 6.3.4
• Authentication, authorization, and accounting (AAA) fallback
• Cisco Catalyst® 6500 Series Firewall Services Module (FWSM) 2.2
• Virtual Firewalls (Security Context)
• Transparent Firewall (Layer 2 Firewall)
• Policy NAT
• Policy Query
• Site-to-Site VPN
• Easy VPN Server
FEATURES AND BENEFITS
The CiscoWorks Management Center for Firewalls provides unique and robust scalability with these features:
• Smart Rules hierarchy and inheritance
• User-defined device and customer groups including nesting
• Global role-based access (RBAC) with administrative privileges per device and customer groups with CiscoWorks products and Cisco Secure Access Control Server (ACS)
• Mandatory and default device settings inheritance
• Workflow deployment to device, directory, or CiscoWorks Auto Update Server Software
• Look and feel of Cisco PIX Device Manager but with scalability to 1000 Cisco firewalls
• Web GUI
• Integration of market-leading management features from other CiscoWorks products
• Complete SAFE Blueprint from Cisco coverage for centralized management of Cisco PIX firewall and Cisco Catalyst 6500 Series FWSM including access control, VPNs, IDSs, and AAA
• Reduction in total configuration time
• Reduction in manual configuration errors
• Automatic update of remote firewall configurations and operating systems
• Automatic and periodic verification of remote firewall configurations
Smart Rules
Smart Rules is an innovative feature that allows common information, including access rules and settings, to be inherited for all firewalls in a device or customer group. Smart Rules allows a user to define common rules only one time, and then apply these rules to all firewalls, reducing configuration time and administrative errors. Smart Rules offers powerful device scalability. Smart Rules can be defined on a device or customer group.
Granular Administrative Privileges for Customer and Device Groups
The CiscoWorks Management Center for Firewalls allows users to separate devices by geography, customer, device type, or any other mechanism. The CiscoWorks Management Center for Firewalls supports multiple administrators. Administrative privileges can be defined on a device or customer group. Basic administrative privileges include the five roles defined in the CiscoWorks desktop. Administrative privileges can be defined within Cisco ACS to allow granular administrative privileges so that a customer can view their own firewall configurations but not those of another customer.
Benefits of CiscoWorks Management Center for Firewalls
The CiscoWorks Management Center for Firewalls, like other CiscoWorks products, supports flexible configuration deployment to a device, file directory, or CiscoWorks Auto Update Server Software. The CiscoWorks Management Center for Firewalls features the "look and feel" of the single-firewall Cisco PIX Device Manager. It offers the usability of Cisco PIX Device Manager combined with the scalability of centralized management for up to 1000 Cisco firewalls.
The CiscoWorks Management Center for Firewalls incorporates an easy-to-use Web GUI and secure configuration and distribution with Secure Sockets Layer (SSL) and secure digital certificates. The CiscoWorks Management Center for Firewalls supports scalability features from CiscoWorks LAN Management Solution (LMS) and Routed WAN Management Solution (RWAN) that facilitate LAN and WAN deployments of more than 20,000 devices. CiscoWorks features supported by the CiscoWorks Management Center for Firewalls include an approval flow, device list from CiscoWorks Resource Manager Essentials (RME), rollback, and activity and job management.
PRODUCT SPECIFICATIONS
Table 1 lists the primary specifications supported.
Table 1. Product Specifications
Product Compatibility
Cisco PIX 501, 506, 506E, 515, 515E, 525, and 535 firewalls; and the Cisco Catalyst 6500 Series FWSM
For comprehensive hardware and operating requirements see the CiscoWorks VMS overview at: http://www.cisco.com/go/vms.
ORDERING INFORMATION
The CiscoWorks Management Center for Firewalls is a featured component of CiscoWorks VMS. For ordering details refer to the CiscoWorks VMS product bulletin at http://www.cisco.com/go/vms.
SERVICE AND SUPPORT
Cisco Systems® offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare the network for new applications to extend network intelligence and the power of your business. For more information about Cisco services, see Cisco Technical Support Services or Cisco Advanced Services.
FOR MORE INFORMATION
For more information about the CiscoWorks Management Center for Firewalls, visit: http://www.cisco.com/go/vms, contact your local account representative, or send e-mail to: ciscoworks@cisco.com.
