Installing Management Center for Cisco Security Agents 5.2 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
CONTENTS Preface v Audience 1-v Conventions 1-vi Obtaining Documentation 1-vii Cisco.
Contents DNS and WINS Environments 1-9 Browser Requirements 1-9 Time and Date Requirements 1-10 Port Availability 1-10 Windows Cluster Support 1-11 Internationalization Support 1-11 Internationalization Support Tables 1-12 About CSA MC 1-17 CHAPTER Deployment Planning 2-1 2 Overview 2-1 Piloting the Product 2-2 Running a Pilot Program 2-2 Scalable Deployments 2-3 Hardware Sizing 2-3 Software Considerations 2-5 Configuration Recommendations for Scalability 2-5 Factors in Network Sizing 2-6 Factors in Da
Contents Licensing Information 3-2 Installing V5.
Contents Configure a Policy 4-18 Attach a Rule Module to a Policy 4-19 Attach a Policy to a Group 4-19 Generate Rule Programs 4-20 APPENDIX A Cisco Security Agent Installation and Overview A-1 Overview A-1 Downloading and Installing A-2 The Cisco Security Agent User Interface A-4 Installing the Solaris Agent A-6 Installing the Linux Agent A-8 APPENDIX B Third Party Copyright Notices B-1 Book Title iv 78-17916-01
Preface This manual describes how to configure the Management Center for Cisco Security Agents on Microsoft Windows 2003 operating systems and the Cisco Security Agent on supported Microsoft Windows 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows NT, Sun Solaris 9, Sun Solaris 8, RedHat Enterprise Linux 4.0, and RedHat Enterprise Linux 3.0 operating systems. In addition to the information contained in this manual, the release notes contain the latest information for this release.
Preface Conventions Conventions This manual uses the following conventions. Convention Purpose Example Bold text User interface field names and menu options. Click the Groups option. The Groups edit page appears. Italicized text Used to emphasize text. You must save your configuration before you can deploy your rule sets. Keys connected by the plus sign Keys pressed simultaneously. Ctrl+Alt+Delete Keys not connected by plus signs Keys pressed sequentially.
Preface Obtaining Documentation Obtaining Documentation Cisco documentation and additional literature are available on Cisco.com. This section explains the product documentation resources that Cisco offers. Cisco.com You can access the most current Cisco documentation at this URL: http://www.cisco.com/techsupport You can access the Cisco website at this URL: http://www.cisco.com You can access international Cisco websites at this URL: http://www.cisco.com/public/countries_languages.
Preface Documentation Feedback Ordering Documentation You must be a registered Cisco.com user to access Cisco Marketplace. Registered users may order Cisco documentation at the Product Documentation Store at this URL: http://www.cisco.com/go/marketplace/docstore If you do not have a user ID or password, you can register at this URL: http://tools.cisco.com/RPF/register/register.
Preface Cisco Product Security Overview To see security advisories, security notices, and security responses as they are updated in real time, you can subscribe to the Product Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed. Information about how to subscribe to the PSIRT RSS feed is found at this URL: http://www.cisco.com/en/US/products/products_psirt_rss_feed.html Reporting Security Problems in Cisco Products Cisco is committed to delivering secure products.
Preface Product Alerts and Field Notices If you do not have or use PGP, contact PSIRT to find other means of encrypting the data before sending any sensitive material. Product Alerts and Field Notices Modifications to or updates about Cisco products are announced in Cisco Product Alerts and Cisco Field Notices. You can receive these announcements by using the Product Alert Tool on Cisco.com. This tool enables you to create a profile and choose those products for which you want to receive information.
Preface Obtaining Technical Assistance Access to all tools on the Cisco Support website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this URL: http://tools.cisco.com/RPF/register/register.do Note Before you submit a request for service online or by phone, use the Cisco Product Identification Tool to locate your product serial number.
Preface Obtaining Technical Assistance solutions. If your issue is not resolved using the recommended resources, your service request is assigned to a Cisco engineer. The TAC Service Request Tool is located at this URL: http://www.cisco.com/techsupport/servicerequest For S1 or S2 service requests, or if you do not have Internet access, contact the Cisco TAC by telephone. (S1 or S2 service requests are those in which your production network is down or severely degraded.
Preface Obtaining Additional Publications and Information Obtaining Additional Publications and Information Information about Cisco products, technologies, and network solutions is available from various online and printed sources. • The Cisco Online Subscription Center is the website where you can sign up for a variety of Cisco e-mail newsletters and other communications. Create a profile and then select the subscriptions that you would like to receive.
Preface Obtaining Additional Publications and Information • Networking Professionals Connection is an interactive website where networking professionals share questions, suggestions, and information about networking products and technologies with Cisco experts and other networking professionals. Join a discussion at this URL: http://www.cisco.
CH A P T E R 1 Preparing to Install How the Cisco Security Agent Works The Cisco Security Agent provides distributed security to your enterprise by deploying agents that defend against the proliferation of attacks across networks and systems. These agents operate using a set of rules provided by the Management Center for Cisco Security Agents and selectively assigned to each client node on your network by the network administrator. This section includes the following topics.
Chapter 1 Preparing to Install Cisco Security Agent Overview Cisco Security Agent Overview Cisco Security Agent contains two components: • The Management Center for Cisco Security Agents (CSA MC)- installs on a secured server and includes a web server, a configuration database, and a web-based user interface. • The Cisco Security Agent (the agent)- installs on desktops and servers across your enterprise and enforces security policies on those systems.
Chapter 1 Preparing to Install Before Proceeding Before Proceeding Before installing CSA MC software, refer to the Release Notes for up-to-date information. Not doing so can result in the misconfiguration of your system. Make sure that your system is compatible with the Cisco product you are installing and that it has the appropriate software installed. Read through the following information before installing the CSA MC software.
Chapter 1 Preparing to Install System Requirements System Component Requirement Virtual Memory 2 GB virtual memory Hard Drive Space 9 GB minimum available disk drive space • Pager alerts require a Hayes Compatible Modem. • For optimal viewing of the CSA MC UI, you should set your display to a resolution of 1024x768 or higher. • On a system where CSA MC has never been installed, the CSA MC setup program first installs Microsoft SQL Server Express and the required .NET environment.
Chapter 1 Preparing to Install System Requirements To run the Cisco Security Agent on Windows servers and desktop systems, the requirements are as follows: Table 1-2 Agent Requirements (Windows) System Component Requirement Processor Intel Pentium 200 MHz or higher Note Operating Systems Up to eight physical processors are supported.
Chapter 1 Preparing to Install System Requirements System Component Requirement Hard Drive Space 50 MB or higher Note Network This includes program and data. Ethernet or Dial up Note Maximum of 64 IP addresses supported on a system. Installing Management Center for Cisco Security Agents 5.
Chapter 1 Preparing to Install System Requirements To run the Cisco Security Agent on your Solaris server systems, the requirements are as follows: Table 1-3 Agent Requirements (Solaris) System Component Requirement Processor UltraSPARC 400 MHz or higher Note Operating Systems Uni-processor, dual processor, and quad processor systems are supported. Solaris 9, 64 bit, patch version 111711-11 or higher, and 111712-11 or higher installed.
Chapter 1 Preparing to Install System Requirements Caution On Solaris systems running Cisco Security Agents, if you add a new type of Ethernet interface to the system, you must reboot that system twice for the agent to detect it and apply rules to it accordingly.
Chapter 1 Preparing to Install Environment Requirements Caution When upgrading or changing operating systems, uninstall the agent first. When the new operating system is in place, you can install a new agent kit. Because the agent installation examines the operating system at install time and copies components accordingly, existing agent components may not be compatible with operating system changes. Environment Requirements The following are recommendations for a secure setup and deployment of CSA MC.
Chapter 1 Preparing to Install Environment Requirements • You must have cookies enabled. This means using a maximum setting of "medium" as your Internet security setting. Locate this feature from the following menu, Tools>Internet Options. Click the Security tab. • JavaScript must be enabled. • If you are using Internet Explorer Version 6.0 SP1 or higher, your CSA MC FQDN cannot contain non-alphanumeric characters other than '-' and '.' .
Chapter 1 Preparing to Install Internationalization Support Windows Cluster Support Cisco Security Agent supports Network Load Balancing and Server Cluster for Windows 2003 and 2000 Server platforms. Cluster support may require certain network permissions to operate. As with other network services, your CSA MC policies must account for these network permissions. (Component Load Balancing, and Solaris and Linux Clusters are not officially supported in this release.
Chapter 1 Preparing to Install Internationalization Support Language Japanese Korean Spanish Operating System Localized Qualified Windows 2003 Yes Yes Windows 2000 Yes Yes Windows XP Yes Yes Windows 2003 Yes Yes Windows 2000 Yes Yes Windows XP Yes Yes Windows 2003 Yes Yes Windows 2000 Yes Yes Windows XP Yes Yes Windows 2003 Yes Yes Explanation of terms: Localized: Cisco Security Agent kits contain localized support for the languages identified in Table 1-5.
Chapter 1 Preparing to Install Internationalization Support Interface (MUI) supported languages, installs are always in English (Installshield does not support MUI), and the UI/dialogs are in English unless the desktop is Chinese (Simplified), French, German, Italian, Japanese, Korean, or Spanish. Any Windows 2000, Windows XP or Windows 2003 platforms/versions not mentioned in the tables below should be treated as not supported.
Chapter 1 Preparing to Install Internationalization Support Professional Server Advanced Server Greek S NA NA Hebrew NS NA NA Hungarian S S NA Italian L L(S) NA Japanese L L(S) L(S) Korean L L(S) L(S) Norwegian S NA NA Polish T T NA Portuguese S S NA Russian S S NA Spanish L L(S) L(S) Swedish S S NA Turkish S S NA Table 1-8 Windows XP Support Professional Home Arabic NS NS Chinese (Simplified) L L(S) Chinese (Traditional) T S Chinese (Ho
Chapter 1 Preparing to Install Internationalization Support Professional Home Greek S S Hebrew NS NS Hungarian S S Italian L L(S) Japanese L L(S) Korean L L(S) Norwegian S S Polish T T Portuguese S S Russian S S Spanish L L(S) Swedish S S Turkish S S Table 1-9 Windows 2003 Support Standard Web Enterprise Chinese (Simplified) L L(S) L(S) Chinese (Traditional) T S S Chinese (Hong Kong) S S S Czech S S S Dutch S NA NA English L L L French
Chapter 1 Preparing to Install Internationalization Support Standard Web Enterprise Polish T T T Portuguese S S S Russian S S S Spanish L L(S) L(S) Swedish S S S Turkish S S S On non-localized but tested and supported language platforms, the administrator is responsible for policy changes arising from directory naming variations between languages.
Chapter 1 Preparing to Install About CSA MC Figure 1-2 Diagnosis for Localized Host About CSA MC The CSA MC user interface installs as part of the overall Cisco Security Agent solution installation. It is through a web-based interface that all security policies are configured and distributed to agents. CSA MC provides monitoring and reporting tools, letting you generate reports with varying views of your network enterprise health and status.
Chapter 1 Preparing to Install About CSA MC Figure 1-3 CSA MC, Top Level View Installing Management Center for Cisco Security Agents 5.
CH A P T E R 2 Deployment Planning Overview This section provides information on deploying the product as part of pilot program and scaling the product to 100,000 agent deployments.
Chapter 2 Deployment Planning Piloting the Product Piloting the Product Before deploying Cisco Security Agents (CSA) on a large scale, it is critical that you run a manageable and modest initial pilot of the product. Even in a CSA upgrade situation, a pilot program is required. Due to the unique configuration of every individual enterprise, the pre-configured policies that ship with CSA will not fit every site perfectly. A certain amount of policy tuning is always necessary.
Chapter 2 Deployment Planning Scalable Deployments • How long should a pilot program run? Basically, the deploying and tuning of policies is an iterative process. Initially, you will have a great deal of event log noise to parse. You must examine the data coming in and edit your policies accordingly. Details: – Although every site is different, it would not be unusual to run a pilot program for approximately 90 days. All possible application usage should take place within the pilot time frame.
Chapter 2 Deployment Planning Scalable Deployments Hardware Configurations: 1. Single processor Pentium 4 (3Ghz+) with 2 GB RAM 2. Dual processor Xeon (2.5 Ghz+) with 4 GB RAM 3. Quad processor Xeon (2.5 Ghz+) with 8 GB RAM 4. Eight-Way Xeon (2.5 Ghz+) with 8 GB RAM The following tables approximate the number of agents you could deploy with each server configuration installed on one of four hardware configurations provided.
Chapter 2 Deployment Planning Scalable Deployments Software Considerations • CSA MC is only supported on Windows 2003 R2 Standard and Enterprise operating systems. Only Hardware Configurations 1 and 2 (referenced in previous tables) support Windows 2003 R2 Standard. Hardware Configuration 3 with 8GB RAM requires Windows 2003 R2 Enterprise to take advantage of the increased memory. Refer to the Microsoft web site product information section for details.
Chapter 2 Deployment Planning Scalable Deployments Factors in Network Sizing You can use the following data points for computing product network usage. The following numbers average tasks based on the upper limit of a 100,000 agent deployment. Agent and Configuration Statistics • Number of agents: 100,000 • Polling interval: 24 hours • Event retention: 60 days • Event updates: 3 per agent per day Task Size Statistics • Hint message: 1 Kb • Poll size: 2 Kb • Event update size: 2.
Chapter 2 Deployment Planning Policy Tuning and Troubleshooting • Agent update (with CTA) (downstream): 16666.67 Kb/sec, during update timeframe As an example of how you could compute network load using the data points provided here, take 100,000 agents, each generating an average of 3 events per day, and multiply Event update size, by number of Event updates, by number of agents, per a time frame of your choosing and average out a network load.
Chapter 2 Deployment Planning Policy Tuning and Troubleshooting • Use the supplied groups and if necessary define additional groups for each distinct desktop and server type in your network. In your pilot, you should have some participants that are using each desktop and server type so you can tune and troubleshoot all policies before deployment. Group membership is cumulative, which can be useful in tuning and troubleshooting.
Chapter 2 Deployment Planning Policy Tuning and Troubleshooting logging the behavior of the rules used by members of the Administrator group. Monitor policies can be used in clever ways to focus in on specific behavior without interrupting applications and services. • Set up separate agent kits to support the different features of your pilot.
Chapter 2 Deployment Planning Policy Tuning and Troubleshooting understand the behavior of the application, craft a policy, place it in test mode on the pilot machines, and examine the event log. Use the techniques in the rest of this section to tune/troubleshoot that application’s policy, re-examine the event log, and if you are satisfied with the result, place the application’s policy in live mode on the pilot machines. You repeat these steps with each application on your prioritized list.
Chapter 2 Deployment Planning Policy Tuning and Troubleshooting If one of the rule modules within a policy is not behaving as expected, you can place it in test mode while still keeping the remaining rule modules in live mode. To do this, select the Test Mode checkbox on any Configuration -> Rule Modules -> Rule Modules -> page.
Chapter 2 Deployment Planning Policy Tuning and Troubleshooting Caching and Resetting Query Responses Rules can be configured with enforcement actions of allow, deny, terminate, or query the user. In some cases, there are rules that already query the user but do so repeatedly instead of caching the user’s response to make it persistent.
Chapter 2 Deployment Planning Policy Tuning and Troubleshooting Setting Up Exception Rules In some cases, you need two or more different rules to completely specify the desired actions to a specific event. For example, you could have one rule that denies all applications from writing to the //blizzard/webdocs directory and another rule that allows the WebGuru application with authenticated user webmaster to write to the //blizzard/webdocs directory.
Chapter 2 Deployment Planning Policy Tuning and Troubleshooting • Whether you want the exception rule based on the application specified in the event or whether you want to base it on a new application class. After you click Finish in the wizard, the MC displays the new exception rule. At this point, you should do the following: 1. Change the Description field to an appropriate name. 2. Examine the details in the when box.
CH A P T E R 3 Installing the Management Center for Cisco Security Agents Overview This chapter provides instructions for installing CSA MC. Once you have reviewed the preliminary information outlined in the previous chapter, you are ready to proceed. It is through CSA MC that you create agent installation kits. The tools for creating agent kits are installed as part of CSA MC. This section contains the following topics. • Licensing Information, page 3-2 • Installing V5.
Chapter 3 Installing the Management Center for Cisco Security Agents Licensing Information • Installation Log, page 3-38 • Accessing Management Center for Cisco Security Agents, page 3-39 • Migration Instructions, page 3-40 • Initiating Secure Communications, page 3-44 • Uninstalling Management Center for Cisco Security Agents, page 3-49 • Copying Cisco Trust Agent Installer Files, page 3-50 Licensing Information The Management Center for Cisco Security Agents product CD and product download
Chapter 3 Installing the Management Center for Cisco Security Agents Installing V5.2 and Migrating Configurations and Hosts from Previous Versions Installing V5.2 and Migrating Configurations and Hosts from Previous Versions If you have previous versions (V5.1, V5.0, V4.5.x or V4.0.3) of the product installed, installing Management Center for Cisco Security Agents 5.2 does not upgrade those previous versions. V5.2 configurations coexists with V5.1, but in some cases it requires that V5.
Chapter 3 Installing the Management Center for Cisco Security Agents Installation and Migration Overview • Scenario 2 - Migrating V5.1 to V5.2 - Separate Systems: You can install V5.2 on a new machine and use the provided migration tools to move V5.1 configurations and hosts to the newly installed V5.2 system. • Scenario 3 - Migrating V5.0 to V5.1 to V5.2 - Same System: You can install V5.2 on the same machine where V5.0 resided once V5.
Chapter 3 Installing the Management Center for Cisco Security Agents Installation and Migration Overview Figure 3-1 Supported Migration Paths The CSA MC V5.2 installation does not automatically upgrade or overwrite the older installations. Ultimately, the migration process will allow you to import your older configuration items into the newly installed V5.2 system. It will also allow you to migrate hosts to V5.2. After installing V5.
Chapter 3 Local and Remote DB Installation Overview Installing the Management Center for Cisco Security Agents Directory Paths Per Version Cisco Systems\CSAMC\CSAMC52 Cisco Systems\CSAMC\CSAMC51 CSCOpx\CSAMC50 Local and Remote DB Installation Overview You must have local administrator privileges on the system in question to perform the CSA MC installation. Once you’ve verified system requirements, you can begin the installation.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Note If your plan is to use SQL Server 2005, it is recommended that you choose one of the other installation configuration options rather than the local database configuration. Note Microsoft SQL Server 2005 is the latest SQL Server database release.
Chapter 3 Local and Remote DB Installation Overview Installing the Management Center for Cisco Security Agents Using this configuration, you can deploy up to 100,000 agents. Having two CSA MCs lets you use one MC for host registration and polling and another MC for editing configurations. Caution If you are installing two CSA MCs with one of the MCs residing on the machine where the database is installed, you must select the Remote Database radio button during the installation of both MCs.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Step 1 Log on as a local Administrator on your Microsoft Server Windows 2003 R2 Standard or Enterprise system. Step 2 Put the Management Center for Cisco Security Agents CD into the CDROM drive. The welcome screen appears. Click Next to begin the installation. See Figure 3-2. (If the installation does not start automatically, browse to the setup.
Chapter 3 Local and Remote DB Installation Overview Figure 3-3 Step 5 CSA MC EULA License Agreement The installation check if the needed ports are available. Figure 3-4 Step 6 Installing the Management Center for Cisco Security Agents Installation Port Check The installation next asks if you are upgrading from a V5.0 Management Center. In this case, click No to continue. See Figure 3-5. (If you are upgrading from a V5.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figure 3-5 Step 7 The install then begins by prompting you to select a database location. In this case, you will keep the default selection of Local Database and click the Next button. See Figure 3-6. Figure 3-6 Step 8 Upgrade Question Window Database Setup Type If installing locally, the installation next checks to see if you have Microsoft SQL Server Express Edition installed.
Chapter 3 Local and Remote DB Installation Overview Note Caution Installing the Management Center for Cisco Security Agents For installations exceeding 1,000 agents, it is recommended that you install Microsoft SQL Server 2005 instead of using the Microsoft SQL Server Microsoft SQL Server Express Edition that is provided with the product. Refer to New Installation Configuration Options, page 3-6 for more information.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figure 3-8 SQL Server Installation Directory Selection SQL Server Express Edition installs .NET Framework on the system and continues to perform configuration tasks (see Figure 3-9). The SQL Server Express Edition windows that appear require no user action. Installing Management Center for Cisco Security Agents 5.
Chapter 3 Local and Remote DB Installation Overview Figure 3-9 Note Installing the Management Center for Cisco Security Agents SQL Server Express Edition Configuration Status Window When the Microsoft SQL Server Express Edition installation finishes, the CSA MC installation automatically begins again. This time the installation detects the Microsoft SQL Server Express Edition software and proceeds. Step 9 You are prompted to select a CSA MC directory installation path.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figure 3-10 Step 11 Enter Administrator Name and Password You are next prompted to select whether or not you want the system to automatically reboot once the installation is complete (see Figure 3-11). It is required that you reboot the system after the installation is complete whether you select Yes to have it done automatically or you choose to manually reboot at the end.
Chapter 3 Local and Remote DB Installation Overview Figure 3-12 Installing the Management Center for Cisco Security Agents Begin Install The install then proceeds copying the necessary files to your system. (See Figure 3-13.). The installation process then continues. (See Figure 3-14.) Installing Management Center for Cisco Security Agents 5.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figure 3-13 Copy Files Installing Management Center for Cisco Security Agents 5.
Chapter 3 Local and Remote DB Installation Overview Figure 3-14 Note Installing the Management Center for Cisco Security Agents Installation Proceeds When the CSA MC installation completes, an agent installation automatically begins. It is recommended that an agent protect the CSA MC system. (You may uninstall the agent separately if you choose, but this is not the recommended configuration.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Microsoft SQL Server 2005 and 2000 Local Installation Notes Note The following instructions are only intended for administrators choosing to install CSA MC and Microsoft SQL Server 2005(or 2000) to the same system. These instructions are not for administrators using CSA MC with a remote database.
Chapter 3 Local and Remote DB Installation Overview Installing the Management Center for Cisco Security Agents • In the Setup Type installation window, choose the Typical radio button and in the Destination Folder section, click the various Browse buttons to install SQL Server on the system. • In the Services Accounts installation window, choose the Use the same account for each service radio button. In the Service Settings section, choose Use a Domain User Account.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Caution If you are installing both CSA MC and the database to the same machine with the provided Microsoft SQL Server Express database, you should install Microsoft SQL Server Express Edition as part of the CSA MC installation. The CSA MC installation runs the Microsoft SQL Server Express installation program choosing the Microsoft SQL Server Express settings the MC needs.
Chapter 3 Local and Remote DB Installation Overview Caution Installing the Management Center for Cisco Security Agents You must install a Cisco Security Agent on this remote database. This agent should be in the following groups: Servers-SQL Server, Servers-All types, Systems-Mission Critical, and Systems-Restricted Networking. You should install this agent after the last CSA MC has been installed and rebooted.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview • (SQL Server 2005 - only instruction) Right-click on the server name and view Properties. On the left side of the Properties panel, click Permissions. In the table containing the logins and roles, click on the user id that has been created for CSA MC. In the explicit permissions list for the user, for the permission “View Server State”, check the box for “Grant”.
Chapter 3 Local and Remote DB Installation Overview Installing the Management Center for Cisco Security Agents Once this is configured, you can begin the CSA MC installation. Before beginning, exit any other programs you have running on the system where you are installing CSA MC. To install the CSA MC, do the following: Step 1 Log on as a local Administrator on your Microsoft Server Windows 2003 R2 Standard or Enterprise system.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figure 3-15 Step 5 The installation asks if you are upgrading from a V5.0 Management Center. In this case, click No to continue. See Figure 3-16. (If you are upgrading from a V5.0 Management Center, click Yes and refer to Installing CSA MC with a Previous Version’s Database (Same System Installation), page 3-32.
Chapter 3 Local and Remote DB Installation Overview Installing the Management Center for Cisco Security Agents • Name of the server • Name of the database • Login ID • Password Figure 3-17 Remote Database Information Step 7 Once you enter the database information and click Next, the installation attempts to locate the database and verify that it is configured appropriately. If the database is not setup correctly, you are prompted with this information and the installation will not continue.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figure 3-18 Step 9 Installation Directory You are next prompted to enter Administrator Name and Password information. This the user name and password you will use to login in to CSA MC. See Figure 3-19. Enter this information and click Next. Installing Management Center for Cisco Security Agents 5.
Chapter 3 Local and Remote DB Installation Overview Figure 3-19 Installing the Management Center for Cisco Security Agents Enter Administrator Name and Password You are next prompted to select whether or not you want the system to automatically reboot once the installation is complete (see Figure 3-20). It is recommended that you reboot the system after the installation is complete whether you select Yes to have it done automatically or you choose to manually reboot at the end.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figure 3-21 Begin Install The install then proceeds copying the necessary files to your system (see Figure 3-22). Installing Management Center for Cisco Security Agents 5.
Chapter 3 Local and Remote DB Installation Overview Figure 3-22 Installing the Management Center for Cisco Security Agents Copy Files Once the copying is complete, the installation begins configuration and setup tasks. See Figure 3-23. Installing Management Center for Cisco Security Agents 5.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figure 3-23 Note Installation Proceeds When the CSA MC installation completes, an agent installation automatically begins. It is recommended that an agent protect the CSA MC system and this is done automatically for you. (You may uninstall the agent separately if you choose, but this is not the recommended configuration.
Chapter 3 Local and Remote DB Installation Overview Installing the Management Center for Cisco Security Agents Installing CSA MC with a Previous Version’s Database (Same System Installation) This section addresses the procedure for backing up and importing a 5.0 database as part of CSA MC V5.2. same system installation. (Scenarios 3 and 5 in Figure 3-1). In order to perform this type of migration you must install a V5.1 MC along with the V5.2 MC. You must use V5.1 to migrate your V5.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figure 3-24 CSA MC Installation Welcome Screen Step 5 After you click Next in the welcome screen, various system checks are performed before the system installation continues. Step 6 When the initial system checks are complete, you are prompted to accept the license agreement. Accept the agreement by clicking Yes. See Figure 3-25. Installing Management Center for Cisco Security Agents 5.
Chapter 3 Local and Remote DB Installation Overview Figure 3-25 Step 7 CSA MC EULA License Agreement The installation asks if you are upgrading from a V5.0 Management Center. In this case, click Yes to continue. See Figure 3-26. Figure 3-26 Step 8 Installing the Management Center for Cisco Security Agents Upgrade Question Window Select whether your V5.0 installation used a local or a remote database. See Figure 3-27. Installing Management Center for Cisco Security Agents 5.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figure 3-27 Step 9 Select V5.0 Database Type If you select Local Database, you are next asked to browse to the location of the backed-up V5.0 database. Once you’ve located the database, click Next to continue. See Figure 3-28. If you select Remote Database, you are asked to enter data for accessing the remote database. This remote database entry screen is the same as Figure 3-17.
Chapter 3 Local and Remote DB Installation Overview Figure 3-28 Installing the Management Center for Cisco Security Agents Browse to Backed-up V5.0 Database Step 10 Once the V5.0 local or remote database is located, the installation will proceed to install CSA MC V5.1. Step 11 You must create a user name and password to login into the CSA MC V5.1. See Figure 3-29. (You will later create another user and password for CSA MC V5.2). Installing Management Center for Cisco Security Agents 5.
Chapter 3 Installing the Management Center for Cisco Security Agents Local and Remote DB Installation Overview Figure 3-29 Username and Password Creation for V5.1 From here, you can continue by following the procedures detailed in Installing CSA MC with a Local Database, page 3-8 or Installing CSA MC with a Remote Database, page 3-21 depending on how you are installing the product. As stated earlier, the installation will proceed by first installing V5.1 and then directly begin the V5.
Chapter 3 Local and Remote DB Installation Overview Installing the Management Center for Cisco Security Agents Caution When installing two CSA MCs, the first MC you install automatically becomes the polling and logging MC. The second MC acts as the configuration MC. During the installation process, the CSA MCs know the order in which the MCs were installed and direct polling, logging, and management tasks to the appropriate MC.
Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents When the installation has completed and you’ve rebooted the system, a Management Center for Cisco Security Agents [version number] shortcut icon is placed on your desktop. Double-clicking this icon launches the MC in your default browser.
Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Figure 3-30 CSA MC Login Window Migration Instructions The following section contains information for migrating to CSA MC V5.2 from a previous version installed on the same system as CSA MC V5.2 and for a previous version installed on a separate machine. Both scenarios are covered here. Note If you install 5.2 on the same system where you have 5.
Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Step 1 Install the Management Center for Cisco Security Agents V5.2. See previous sections for instructions. • If you’re installing CSA MC V5.2 on the same machine running CSA MC V5.1, an xml file containing V5.1 configuration items and several .dat files containing host information are automatically generated by the installation and ready for importing once the install is complete.
Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Step 5 Next you copy the migration_data_export.xml and all the migration_host_data.dat files from the V5.x or V4.x system to your V5.2 system. These files must exist together in the same directory on the V5.2 system (although the directory name and location does not matter). Step 6 Then from the V5.
Chapter 3 Installing the Management Center for Cisco Security Agents Accessing Management Center for Cisco Security Agents Note Agent kits are configuration items that do not migrate to the new version. Because host migration does not relate to agent kits, old agents kits are not considered to be necessary migration items. Also, configuration items that are not used (not attached to anything) do not migrate to the new version. Caution When upgrading V5.x or V4.x agents to software version 5.
Chapter 3 Installing the Management Center for Cisco Security Agents Initiating Secure Communications Upgrade Note Newer versions of policies are not automatically attached to the auto-enrollment groups during upgrade. If you want to update the mandatory policies, you can use the CSA MC Compare tool to synchronize the existing auto-enrollment groups with the new updated auto-enrollment groups added by the upgrade.
Chapter 3 Installing the Management Center for Cisco Security Agents Initiating Secure Communications Figure 3-31 Certificate Information Installing Management Center for Cisco Security Agents 5.
Chapter 3 Installing the Management Center for Cisco Security Agents Initiating Secure Communications Step 4 The first Certificate Manager Import page contains an overview of certificate information. Click Next to continue. Step 5 From the Select a Certificate Store page, make sure the Automatically select the certificate store based on the type of certificate radio button is selected. Click Next. Figure 3-32 Certificate Wizard Installing Management Center for Cisco Security Agents 5.
Chapter 3 Installing the Management Center for Cisco Security Agents Initiating Secure Communications Step 6 You’ve now imported your certificate for the server. Click the Finish button (Figure 3-33) to continue. Figure 3-33 Certificate Wizard Finish Page Installing Management Center for Cisco Security Agents 5.
Chapter 3 Installing the Management Center for Cisco Security Agents Internet Explorer 7.0: Importing the Root Certificate Step 7 Now, you must save the certificate. Click the Yes button in the Root Certificate Store box. Step 8 You are next prompted with a confirmation box informing you that your certificate was created successfully. Note You must perform this certificate import process the first time you login to CSA MC from any remote machine.
Chapter 3 Installing the Management Center for Cisco Security Agents Uninstalling Management Center for Cisco Security Agents Figure 3-34 Internet Explorer 7.0 Certificate Screen Uninstalling Management Center for Cisco Security Agents Uninstall the CSA MC software as follows: Step 1 Click the uninstall CSA MC option on the system from Start>All Programs>Cisco Systems>Uninstall Management Center for Cisco Security Agents. This launches the uninstall program.
Chapter 3 Copying Cisco Trust Agent Installer Files Note Caution Installing the Management Center for Cisco Security Agents Uninstalling CSA MC does not uninstall the Microsoft SQL Server Desktop Engine (database). You must uninstall this separately from the Control Panel>Add/Remove Programs window if you are completely removing the product from your system.
Chapter 3 Installing the Management Center for Cisco Security Agents Copying Cisco Trust Agent Installer Files double-click the CtaAdminEx-xxx-xxx**.exe file and agree to the EULA (license) to extract the ctasetup-xxx-xxx.msi file. It is this msi file that you copy to the CSA MC system. Note Step 2 It is the user’s responsibility to verify that they have obtained the correct CTA installer files. Copy the CTA installer files to the %Program Files%\CSAMC52\bin\webserver\htdocs\cta_kits directory.
Chapter 3 Copying Cisco Trust Agent Installer Files Installing the Management Center for Cisco Security Agents Installing Management Center for Cisco Security Agents 5.
CH A P T E R 4 Quick Start Configuration Overview This chapter provides the basic setup information you need to start using the Management Center for Cisco Security Agents to configure some preliminary groups and build agent kits. The goal of this chapter is to help you quickly configure and distribute Cisco Security Agent kits to hosts and have those hosts successfully register with CSA MC.
Chapter 4 Quick Start Configuration Access Management Center for Cisco Security Agents • Configure a Rule Module, page 4-12 • Configure a Policy, page 4-18 • Attach a Rule Module to a Policy, page 4-19 • Attach a Policy to a Group, page 4-19 • Generate Rule Programs, page 4-20 Access Management Center for Cisco Security Agents Local Access • To access CSA MC locally on the system hosting CSA MC software, double-click the CSA MC desktop icon created during the installation.
Chapter 4 Quick Start Configuration Access Management Center for Cisco Security Agents Administrator Roles in CSA MC Administrators can have different levels of CSA MC database access privileges. The initial administrator created by the CSA MC installation automatically has configure privileges. When you create new administrators on the system, you can give them on of the following roles. CSA MC Administrator Roles: • Configure—This provides full read and write access to the CSA MC database.
Chapter 4 Quick Start Configuration Cisco Security Agent Policies Cisco Security Agent Policies CSA MC default Cisco Security Agent kits, groups, policies, and configuration variables are designed to provide a high level of security coverage for desktops and servers.
Chapter 4 Quick Start Configuration Configure a Group Configure a Group Host groups reduce the administrative burden of managing a large number of agents. Grouping hosts together also lets you apply the same policy to a number of hosts. A group is the only element required to build Cisco Security Agent kits. When hosts register with CSA MC, they are automatically put into their assigned group or groups. Once hosts are registered you can edit their grouping at any time.
Chapter 4 Quick Start Configuration Configure a Group Figure 4-1 Step 4 Group Configuration View Cisco suggests that you select the Test Mode checkbox (available from the Rule overrides section) for this group. In Test Mode, the policy we will later apply to this group will not be active. In other words, the agent will not deny any action even if an associated policy says it should be denied. Instead, the agent will allow the action but log an event letting you know the action would have been denied.
Chapter 4 Quick Start Configuration Build an Agent Kit Build an Agent Kit Note The Management Center for Cisco Security Agents ships with preconfigured agent kits you can use to download and install agents if they meet your initial needs (accessible from System>Agent kits in the menu bar). There are prebuilt kits for desktops, servers, and others. These kits place hosts in the corresponding groups and enforce the associated policies of each group.
Chapter 4 Quick Start Configuration Build an Agent Kit To create a Cisco Security Agent kit, do the following. Step 1 Move the mouse over Systems in the menu bar and select Agent Kits from the drop-down menu that appears. The agent kit list view displays the preconfigured agent kits. Step 2 Click the New button to create a new agent kit. You are prompted to select whether this is a Windows, Linux, or Solaris agent kit. For this example, click the Windows button.
Chapter 4 Quick Start Configuration Build an Agent Kit Figure 4-2 Create Agent Kit Once you click the Make Kit button and generate rules, CSA MC produces a kit for distribution (see Figure 4-3). You may distribute the kit download URL, via email for example, to the host systems the kit is designated for. They access the URL to download and then install the kit. This is the recommended method of agent kit distribution. But you may also point users to a URL for the CSA MC system.
Chapter 4 Quick Start Configuration Build an Agent Kit Note Note that the Registration Control feature also applies to the https:///csamc52/kits URL. If the Registration Control feature (see the User Guide for details on the feature) prevents your IP address from registering. Figure 4-3 Agent Kit Created Installing Management Center for Cisco Security Agents 5.
Chapter 4 Quick Start Configuration Build an Agent Kit The Cisco Security Agent • Users must have administrator privileges on their systems to install the Cisco Security Agent software. • The Cisco Security Agent installs on supported Windows, Linux, and Solaris platforms. (Note that on Solaris systems there is no agent user interface. See Appendix A in the User Guide for information on the Solaris agent utility.
Chapter 4 Quick Start Configuration View Registered Hosts View Registered Hosts From CSA MC, you can see which hosts have successfully registered by accessing Hosts from the Systems link in the menu bar. This takes you to the Hosts list page. On the right side of this page is a column that displays varying types of information on each host. Use the pulldown menu for this column to filter your host list based on the status in question.
Chapter 4 Quick Start Configuration Configure a Rule Module This quarantine list updates automatically (dynamically) as logged quarantined files are received. You can use a file access control rule to permanently quarantine a known virus as shown in this example. Note Cisco recommends that you do not edit the preconfigured policies shipped with the Management Center for Cisco Security Agents, but instead add new policies to groups for any changes you might want.
Chapter 4 Quick Start Configuration Configure a Rule Module Figure 4-5 Rule Module Creation View Create a File Access Control Rule Step 1 From the Rule Module configuration page (Figure 4-5), click the Modify rules link at the top of the page. You are now on the Rules page. Step 2 In the Rule page, click the Add rule link. A drop down list of available rule types appears. Step 3 Click the File access control rule from the drop down list (see Figure 4-6).
Chapter 4 Quick Start Configuration Configure a Rule Module Figure 4-6 Step 4 Step 5 Add Rules to Module In the File access control rule configuration view (see Figure 4-7), enter the following information: • Description—Quarantined and Suspected Virus Applications, write All Files • Enabled—(This is selected by default. Don’t change this setting for this example.) Select Priority Deny from the action pulldown list.
Chapter 4 Quick Start Configuration Configure a Rule Module Step 6 Select the Log checkbox. This means that the system action in question is logged and sent to the server. Generally, you will want to turn logging on for all deny rules so you can monitor event activity. Step 7 Select a preconfigured Application class from the available list to indicate the applications whose access to files we want exercise control over. For this rule, we’ll select Quarantined applications.
Chapter 4 Quick Start Configuration Configure a Rule Module Figure 4-7 File Access Control Rule Installing Management Center for Cisco Security Agents 5.
Chapter 4 Quick Start Configuration Configure a Policy Configure a Policy Generally, when you configure a policy, you are combining multiple rule modules under a common name. That policy name is then attached to a group of hosts and it uses the rules that comprise the policy to control the actions that are allowed and denied on those hosts. You can have several different types of rules in a rule module and consequently within one policy.
Chapter 4 Quick Start Configuration Configure a Policy Attach a Rule Module to a Policy To apply our configured email quarantine rule module to the policy we’ve created, do the following. Step 1 From Policy edit view, click the Modify rule module associations link. This takes you to a view containing a swap box list of available modules. Step 2 Select the Quarantined Application Module from the list box on the left and click the Add button to move it to the right side box.
Chapter 4 Quick Start Configuration Configure a Policy Figure 4-8 Attach Policy to Group Generate Rule Programs Now that we’ve configured our policy and attached it to a group, we’ll next distribute the policy to the agents that are part of the group. We do this by first generating our rule programs. Click Generate rules in the bottom frame of CSA MC. All pending database changes ready for distribution appear (see Figure 4-9).
Chapter 4 Quick Start Configuration Configure a Policy Figure 4-9 Generate Rule Programs You can ensure that agents have received this policy by clicking Hosts (accessible from Systems in the menu bar) and viewing the individual host status views. Click the Refresh button on your browser and look at the host Configuration version data in the host view to make sure it’s up-to-date. Note Hosts poll into CSA MC to retrieve policies.
Chapter 4 Quick Start Configuration Configure a Policy Refer to the User Guide to read about the configuration tasks described here in more detail. Installing Management Center for Cisco Security Agents 5.
APPENDIX A Cisco Security Agent Installation and Overview Overview This chapter describes the Cisco Security Agent and provides information on the agent user interface. It also includes installation information for Windows, Linux, and Solaris agents. (This information, with additional details, also appears in a similarly titled Appendix A in the User Guide.) Once the agent is installed, there is no configuration necessary on the part of the end user in order to run the agent software.
Appendix A Cisco Security Agent Installation and Overview Downloading and Installing Downloading and Installing Once you build an agent kit on CSA MC, you deliver the generated URL, via email for example, to end users so that they can download and install the Cisco Security Agent. They access the URL to download and then install the kit. This is the recommended method of agent kit distribution. But you may also point users to a URL for the CSA MC system.
Appendix A Cisco Security Agent Installation and Overview Downloading and Installing Figure A-1 Optional Agent Reboot If a system is not rebooted following the agent installation, the following functionality is not immediately available. (This functionality becomes available the next time the system is rebooted.) Windows agents • Network Shield rules are not applied until the system is rebooted. • Network access control rules only apply to new socket connections.
Appendix A Cisco Security Agent Installation and Overview Downloading and Installing After installation, the agent automatically and transparently registers with CSA MC. You can see which hosts have successfully registered by clicking the Hosts link available from the Systems category in the menu bar. This displays the hosts list view. All registered host system names appear here. The Cisco Security Agent User Interface Note The Cisco Security Agent user interface does not run on Solaris systems.
Appendix A Cisco Security Agent Installation and Overview Downloading and Installing • Allow user to modify agent security settings—Selecting this checkbox in the Agent UI control rule provides System Security and Untrusted Applications features. • Allow user to modify agent personal firewall settings—Selecting this checkbox in the Agent UI control rule provides Local Firewall Settings and File Protection features.
Appendix A Cisco Security Agent Installation and Overview Installing the Solaris Agent Installing the Solaris Agent This section details the commands you enter and the subsequent output that is displayed when you install the Cisco Security Agent on Solaris systems. Note See the similarly titled Appendix A in the User Guide for information on a Solaris agent utility which allows you to manually poll to CSA MC and perform other tasks.
Appendix A Cisco Security Agent Installation and Overview Installing the Solaris Agent Step 5 Answer yes (y) to continue the installation. This package contains scripts which will be executed with super-user permission during the process of installing this package. Do you want to continue with the installation of [y,n,?] y [Output:] Installing CSAagent as The installation continues to copy and install files.
Appendix A Cisco Security Agent Installation and Overview Installing the Linux Agent Caution If you are upgrading the Solaris agent and you encounter the following error, "There is already an instance of the package and you cannot install due to administrator rules", you must edit the file /var/sadm/install/admin/default. Change "instance=unique" to "instance=overwrite" and then proceed with the upgrade.
Appendix A Cisco Security Agent Installation and Overview Installing the Linux Agent Step 2 Untar the file. $ cd /tmp $ tar xvf CSA-Server_V5.2.0.218-lin-setup-1a969c667ddb0a2d2a8da3e7959 a30b2.tar Step 3 cd to CSCOcsa directory where the rpm package is located. Step 4 Run script install_rpm.sh as root. $ cd /tmp/CSCOcsa # sh ./install_rpm.sh The package will be installed to /opt/CSCOcsa, with some files being put into directories such as /lib/modules/CSCOcsa, /lib/csa, /etc/init.d and /etc/rc?.d.
Appendix A Cisco Security Agent Installation and Overview Installing the Linux Agent Caution On Linux systems, if you upgrade the kernel version or boot a different kernel version than the initial version where the agent was installed, you must uninstall and reinstall the agent. Uninstall Linux Agent To uninstall the Cisco Security Agent, do the following. Step 1 You must know the version number of the currently installed agent.
APPENDIX B Third Party Copyright Notices Cisco Security Agent utilizes third party software from various sources. Portions of this software are copyrighted by their respective owners as indicated in the copyright notices below. OPENSSL [version 0.9.7L] Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1.
Appendix B Third Party Copyright Notices 6. Redistributions of any form whatsoever must retain the following acknowledgment: "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
Appendix B Third Party Copyright Notices Copyright remains Eric Young’s, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library used. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package.
Appendix B Third Party Copyright Notices Apache [version 2.0.59], Xerces 2.7 and AxisCpp 1.6 Copyright © 2000-2005 The Apache Software Foundation. All rights reserved. Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction,and distribution as defined by Sections 1 through 9 of this document.
Appendix B Third Party Copyright Notices whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof.
Appendix B Third Party Copyright Notices contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution.
Appendix B Third Party Copyright Notices without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks.
Appendix B Third Party Copyright Notices TCL license This software is copyrighted by the Regents of the University of California, Sun Microsystems, Inc., Scriptics Corporation, and other parties. The following terms apply to all files associated with the software unless explicitly disclaimed in individual files.
Appendix B Third Party Copyright Notices foregoing, the authors grant the U.S. Government and others acting in its behalf permission to use and distribute the software in accordance with the terms specified in this license. Perl Copyright 1987-2005, Larry Wall Perl may be copied only under the terms of either the Artistic License or the GNU General Public License, which may be found in the Perl 5 source kit.
Appendix B Third Party Copyright Notices IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. CMU-SNMP Libraries This product contains software developed by Carnegie Mellon University. Copyright 1998 by Carnegie Mellon University.
Appendix B Third Party Copyright Notices licensing terms described here. If modifications to this Software and Documentation have new licensing terms, the new terms must be clearly indicated on the first page of each file where they apply. OPEN MARKET MAKES NO EXPRESS OR IMPLIED WARRANTY WITH RESPECT TO THE SOFTWARE OR THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION ANY WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Appendix B Third Party Copyright Notices THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
Appendix B Third Party Copyright Notices a. Installation and Use. You may install and use any number of copies of the software on your devices. b. Included Microsoft Programs. The software contains other Microsoft programs. These license terms apply to your use of those programs. 2. ADDITIONAL LICENSING REQUIREMENTS AND/OR USE RIGHTS. a. Distributable Code. You are permitted to distribute the software in programs you develop if you comply with the terms below. i. Right to Use and Distribute.
Appendix B Third Party Copyright Notices • include Distributable Code in malicious, deceptive or unlawful programs; or • modify or distribute the source code of any Distributable Code so that any part of it becomes subject to an Excluded License. An Excluded License is one that requires, as a condition of use, modification or distribution, that • the code be disclosed or distributed in source code form; or • others have the right to modify it. 3. INTERNET-BASED SERVICES.
Appendix B Third Party Copyright Notices 7. TRANSFER TO A THIRD PARTY. The first user of the software may transfer it and this agreement directly to a third party. Before the transfer, that party must agree that this agreement applies to the transfer and use of the software. The first user must uninstall the software before transferring it separately from the device. The first user may not retain any copies. 8. EXPORT RESTRICTIONS. The software is subject to United States export laws and regulations.
Appendix B Third Party Copyright Notices MICROSOFT EXCLUDES THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. 14. LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM MICROSOFT AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP TO U.S. $5.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES.
Appendix B Third Party Copyright Notices By using this supplement, you accept these terms. If you do not accept them, do not use this supplement. If you comply with these license terms, you have the rights below. 1. SUPPORT SERVICES FOR SUPPLEMENT. Microsoft provides support servicesfor this supplement as described at www.support.microsoft.com/common/international.aspx. 2. MICROSOFT .NET FRAMEWORK BENCHMARK TESTING. This supplement includes the .
Appendix B Third Party Copyright Notices the right to disclose the results of benchmark tests it conducts of your products that compete with the .NET Component, provided it complies with the same conditions above. MarshallSoft Computing SMTP/POP3 Email Engine License for Use and Distribution MarshallSoft Computing, Inc. grants the registered user of SEE4C theright to use one copy of the SEE4C DLL's on a single computer in the development of any software product.
Appendix B Third Party Copyright Notices Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it.
Appendix B Third Party Copyright Notices To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. Finally, software patents pose a constant threat to the existence of any free program.
Appendix B Third Party Copyright Notices In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system.
Appendix B Third Party Copyright Notices Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1.
Appendix B Third Party Copyright Notices These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works.
Appendix B Third Party Copyright Notices 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License.
Appendix B Third Party Copyright Notices executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.
Appendix B Third Party Copyright Notices a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8.
Appendix B Third Party Copyright Notices It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices.
Appendix B Third Party Copyright Notices THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16.
Appendix B Third Party Copyright Notices This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Appendix B Third Party Copyright Notices 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted in the software development community for the electronic transfer of data. 1.5. "Executable" means Covered Code in any form other than Source Code. 1.6. "Initial Developer" means the individual or entity identified as the Initial Developer in the Source Code notice required by Exhibit A. 1.7.
Appendix B Third Party Copyright Notices 1.12. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License or a future version of this License issued under Section 6.1. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You.
Appendix B Third Party Copyright Notices (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: 1) Modifications made by that Contributor (or portions thereof); and 2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combi
Appendix B Third Party Copyright Notices available to such recipients. You are responsible for ensuring that the Source Code version remains available even if the Electronic Distribution Mechanism is maintained by a third party. 3.3. Description of Modifications. You must cause all Covered Code to which You contribute to contain a file documenting the changes You made to create that Covered Code and the date of any change.
Appendix B Third Party Copyright Notices also duplicate this License in any documentation for the Source Code where You describe recipients' rights or ownership rights relating to Covered Code. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Code. However, You may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor.
Appendix B Third Party Copyright Notices affect. Such description must be included in the LEGAL file described in Section 3.4 and must be included with all distributions of the Source Code. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Application of this License.
Appendix B Third Party Copyright Notices MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE IS WITH YOU. SHOULD ANY COVERED CODE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE.
Appendix B Third Party Copyright Notices 8.3. If You assert a patent infringement claim against Participant alleging that such Participant's Contributor Version directly or indirectly infringes any patent where such claim is resolved (such as by license or settlement) prior to the initiation of patent infringement litigation, then the reasonable value of the licenses granted by such Participant under Sections 2.1 or 2.
Appendix B Third Party Copyright Notices This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law provisions (except to the extent applicable law, if any, provides otherwise), excluding its conflict-of-law provisions.
Appendix B Third Party Copyright Notices The Initial Developer of the Original Code is ________________________. Portions created by ______________________ are Copyright (C) ______ _______________________. All Rights Reserved. Contributor(s): ______________________________________. Alternatively, the contents of this file may be used under the terms of the _____ license (the "[___] License"), in which case the provisions of [______] License are applicable instead of those above.
Appendix B Third Party Copyright Notices provided to you by Sun under this Agreement. "Programs" mean Java applets and applications intended to run on the Java Platform, Standard Edition (Java SE) on Java-enabled general purpose desktop computers and servers. 2. LICENSE TO USE.
Appendix B Third Party Copyright Notices 6. LIMITATION OF LIABILITY. TO THE EXTENT NOT PROHIBITED BY LAW, IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF OR RELATED TO THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Appendix B Third Party Copyright Notices in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 11. GOVERNING LAW. Any action related to this Agreement will be governed by California law and controlling U.S. federal law. No choice of law rules of any jurisdiction will apply. 12. SEVERABILITY.
Appendix B Third Party Copyright Notices you distribute the Software complete and unmodified and only bundled as part of, and for the sole purpose of running, your Programs, (ii) the Programs add significant and primary functionality to the Software, (iii) you do not distribute additional software intended to replace any component(s) of the Software, (iv) you do not remove or alter any proprietary legends or notices contained in the Software, (v) you only distribute the Software subject to a license agree
Appendix B Third Party Copyright Notices Installing Management Center for Cisco Security Agents 5.
INDEX Attach policy to group 4-19 A Attach rule module to policy 4-19 Active hosts 4-12 Add rule 4-14 Administrator B local or LDAP authentication 4-3 Browser requirements 1-9 roles 4-3 Build an agent kit 4-7 Agent kits 4-7 optional reboot after install A-3 C registration 4-7 Certificate import 3-44, 3-48 user interface A-4 Cisco Security Agent on remote database 3-22 Agent (Linux) installing A-8 Agent (Solaris) Cisco Trust Agent (CTA) 3-50 installation files 3-50 Cluster support 1-11 instal
Index D H Deployment overview 1-2 Hosts Detailed description 4-4 about 4-5 Distributed configuration 3-38 active 4-12 DNS environments 1-9 not active 4-12 search 4-12 view 4-12 F HTTPS 1-8, A-2 File access control rule 4-14 FireFox version support 1-10 Force reboot after install 4-8 I Import migration data 3-42 Import Root Certificate 3-44 Inactive hosts 4-12 G Install Generate rules 4-20 agent A-2 Generating configurations 4-20 certificate (IE) 3-44 Group Microsoft SQL Server 3-11 co
Index Windows XP 1-14 Internet Explorer Operating systems sample 2-2 Overview of product 1-1 version support 1-9 P L Pilot Licensing import information 3-18, 3-31 Licensing information 3-2 recommendations 2-2 Pilot Program Local database install 3-6 size of pilot 2-2 Log time frame of pilot 2-3 installation 3-38 Login locally 3-39 remotely 3-39 Policies pre-configured modules 4-4 Policy add rule 4-14 attach to group 4-19 M configure 4-12 distribute to agents 4-20 Make kit 4-8 exception rule
Index server configurations 2-3 Q Scalable deployment 2-3 Quick start setup 4-1 configuration recommendations 2-5 content engines 2-5 hardware sizing 2-3 R polling interval 2-5 software considerations 2-5 Reboot optional three servers 2-3 agent A-2, A-3 Registered hosts view 4-12 Remote access 3-39, 4-2 Secure communications 3-44 Single server 2-3 Software updates Force reboot 4-8 Remote database install 3-7 Requirements Solaris agent install directory A-7 agent 1-5 Solaris host migration 3-43
Index remote db and CSA MC system 3-21 Two servers 2-3 U Uninstall CSA MC 3-49 UNIX agent install directory A-7 Upgrade naming conventions 3-42 V Verbose logging mode 4-6 Version labels 3-42 W Web-based user interface 1-2, 1-17 Web browser requirements 1-9 Windows Cluster support 1-11 Windows requirements agent 1-5 WINS environments 1-9 Installing Management Center for Cisco Security Agents 5.
Index Installing Management Center for Cisco Security Agents 5.
