1-7
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter1 Getting Started with Security Manager
Product Overview
Event Viewer—This integrated tool allows you to view events on ASA, FWSM, and IPS devices
and correlate them to the related configuration policies. This helps you identify problems,
troubleshoot configurations, and then fix the configurations and redeploy them. For more
information, see Chapter 66, “Viewing Events”.
Report Manager—This is a reporting application, where you can view and create reports of
aggregated information on device and VPN statistics. Much of the information is derived from
events available through Event Viewer, but some of the VPN statistics are obtained by
communicating directly with the device. For information about using Report Manager, see
Chapter 67, “Managing Reports”.
For information on all of the types of reports available in Security Manager, see Understanding the
Types of Reports Available in Security Manager, page 67-2.
Health & Performance Monitor—The HPM application lets you monitor key health and
performance data for ASA (including ASA-SM) devices, IPS devices, and VPN services by
providing network-level visibility into device status and traffic information. See Chapter 68,
“Health and Performance Monitoring” for more information about this application.
Packet Tracer—You can use this tool to test whether certain types of packets will be allowed to go
through an ASA device. For more information, see Analyzing an ASA or PIX Configuration Using
Packet Tracer, page 69-12.
Ping, Trace route, and NS Lookup—You can use ping and traceroute on a managed device to
check whether there is a route between the device and a specific destination. You can use NS lookup
to resolve addresses to DNS names. For more information, see Analyzing Connectivity Issues Using
the Ping, Trace Route, or NS Lookup Tools, page69-14.
Cisco Prime Security Manager (PRSM) Integration—You can “cross launch” PRSM from the
Configuration Manager application. The PRSM application is used to configure and manage ASA
CX devices. For more information, see Launching Cisco Prime Security Manager, page69-9.
Device Manager Integration—Security Manager includes read-only copies of the various device
managers, such as Adaptive Security Device Manager (ASDM). You can use these tools to view
device status, but not to change the device configuration. For more information, see Starting Device
Managers, page 69-4.
Cisco Security Monitoring, Analysis and Response System (CS-MARS) Integration—If you
use the CS-MARS application, you can integrate it with Security Manager and view events in
CS-MARS from Security Manager, and conversely, Security Manager policies related to events from
CS-MARS. For more information, see Integrating CS-MARS and Security Manager, page69-22.
IPv6 Support in Security Manager
Security Manager provides increasing support for IPv6 configuration, monitoring, and reporting.
Note To manage a device that supports IPv6 addressing with Security Manager, you must configure the
device’s management address as an IPv4 address. All communications between the device and Security
Manager, such as policy discovery and deployment, use IPv4 transport. Also, if the IPv6 policies are not
appearing for a supported device, rediscover the device policies; if necessary, delete the device from the
inventory and add it again.