1-6
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 1 Getting Started with Security Manager
Product Overview
FlexConfigs
Flexconfig policies and policy objects enable you to provision features that are available on the
device but not natively supported by Security Manager. They enable you to manually specify a set
of CLI commands and to deploy them to devices using Security Manager’s provisioning
mechanisms. These commands can be either prepended or appended to the commands generated by
Security Manager to provision security policies.
For more information, see Chapter 7, “Managing FlexConfigs”.
Security Manager Applications Overview
The Security Manager client includes five main applications:
Configuration Manager—This is the primary application. You use Configuration Manager to
manage the device inventory, create and edit local and shared policies, manage VPN configurations,
and deploy policies to devices. Configuration Manager is the largest of the applications and most of
the documentation addresses this application. If a procedure does not specifically mention an
application, the procedure is using Configuration Manager. For an introduction to Configuration
Manager, see Using Configuration Manager - Overview, page 1-12.
Event Viewer—This is an event monitoring application, where you can view and analyze events
generated from IPS, ASA, and FWSM devices that you have configured to send events to Security
Manager. For information about using Event Viewer, see Chapter66, “Viewing Events”.
Report Manager—This is a reporting application, where you can view and create reports of
aggregated information on device and VPN statistics. Much of the information is derived from
events available through Event Viewer, but some of the VPN statistics are obtained by
communicating directly with the device. For information about using Report Manager, see
Chapter 67, “Managing Reports”.
Health & Performance Monitor—The HPM application lets you monitor key health and
performance data for ASA (including ASA-SM) devices, IPS devices, and VPN services by
providing network-level visibility into device status and traffic information. This ability to monitor
key network and device metrics lets you quickly detect and resolve device malfunctions and
bottlenecks in the network. See Chapter 68, “Health and Performance Monitor Overview” for more
information about this application.
Image Manager—The Image Manager application provides complete image management of ASA
devices. It facilitates downloading, evaluating, analyzing, preparing, and planning image updates. It
assesses image availability, compatibility, and impact on devices and provides scheduling, grouping,
and change management of device updates. In addition, Image Manager includes capabilities for
maintaining an image repository as well as for ensuring stable fallback and recovery mechanisms
for image updates on ASA devices. For information about using Image Manager, see Chapter70,
“Using Image Manager”.
You can open any of these applications directly from the Windows Start menu or a desktop icon, or you
can open them from within any of these applications through the application’s Launch menu. For
information on opening applications, see Logging In to and Exiting the Security Manager Client,
page 1-11.
Device Monitoring Overview
Security Manager includes several facilities for monitoring devices: