Information Technology Reference
In-Depth Information
Security management applications consolidate network management and monitoring,
which allows more secure control of the network. Security management provides several
functions:
Central repository for collecting network information for further analysis of security-
related events. In addition, many applications have reporting capabilities to help net-
work managers' present technical information to upper management. Some examples
include authentication, authorization, and accounting (AAA) with TACACS and RA-
DIUS servers, syslog servers, and IPS System Manager, which enables deep inspection
of complex security events.
■
Allows for easier deployment of security policies into the security devices via graphi-
cal user interface (GUI) tools. These tools help you maintain the consistency of the
security policies across a broad spectrum of network device types.
■
Role-based access control for all accounts to separate administrative tasks and user
functions.
■
Security implementations need to be planned properly using the security policies gov-
erned by the organization to make good use of the security applications. From time to
time, audits are necessary, which requires updates to the security policy and related secu-
rity management applications. A major risk to security implementations is policy error.
Management needs to be cognizant of the security policy and know how to manage inci-
dents properly.
Security Platform Solutions
Cisco has a variety of security management products and technologies that allow scalable
administration and enforcement of security policy for the Cisco SCF architecture. These
solutions reduce the operational management and automate many of the common tasks,
including configuration, analysis, incident response, and reporting. Security management
platforms include the following:
Key
To p i c
Cisco Security Manager (CSM)
is an integrated solution for GUI configuration man-
agement of firewall, VPN, and IPS policies on Cisco security appliances, firewalls,
routers, and switch modules. CSM has capabilities for security policies to be de-
ployed by device, by group, or globally for all devices.
■
Cisco Secure Access Control Server (ACS)
provides centralized control for adminis-
trative access to Cisco devices and security applications. ACS provides for AAA se-
curity services and supports routers, switches, VPN services, ASAs, and Cisco NAC
clients. In addition, Cisco ACS also supports back-end directory integration with
Lightweight Directory Access Protocol (LDAP) and Microsoft Active Directory (AD)
for authent ic at ion s er v ice s.
■
Cisco Security Monitoring, Analysis, and Response System (Cisco Security
MARS)
tor, identify, isolate, and respond to security threats. MARS understands the network
■
