Manualshelf

Release Notes

ManualsBrandsCisco Manualssecurity management softwareCisco Security Manager 4.0
12345678910
7
Release Notes for Cisco Security Manager 4.0
OL-21744-02
Important Notes
Step 3 Click Security Manager (CSM) Software, expand the 4.0 folder under All Releases, and then click
4.0sp1.
Step 4 Download the file fcs-csm-40-sp1-win-k9.exe.
Step 5 To install the service pack, close all open applications, including the Cisco Security Manager Client.
Step 6 Manually stop the Cisco Security Agent service from Start > Settings > Control Panel >
Administrative Tools > Services.
Step 7 Run the fcs-csm-40-sp1-win-k9.exe file that you previously downloaded.
Step 8 In the Install Cisco Security Manager 4.0 Service Pack 1dialog box, click Next and then click Install in
the next screen.
Step 9 After the updated files have been installed, click Finish to complete the installation.
Step 10 On each client machine that is used to connect to the Security Manager server, you must perform the
following steps to apply the service pack before you can connect to the server using that client:
a. Manually stop the Cisco Security Agent service from Start > Settings > Control Panel >
Administrative Tools > Services.
b. Launch the Security Manager client.
You will be prompted to “Download Service Pack”.
c. Download the service pack and then launch the downloaded file to apply the service pack.
Step 11 (Optional) Go to the client installation directory and clear the cache, for example, <Client Install
Directory>/cache.
Important Notes
The following notes apply to the Security Manager 4.0 release:
You can use IPv4 addresses only in Security Manager. Although some of the device software
Security Manager supports allows you to use IPv6 addresses on commands, Security Manager does
not support IPv6 addresses directly. If you want to configure IPv6 features using Security Manager,
you can use FlexConfig policies.
You cannot use Security Manager to manage an ASA 8.3+ device if you enable password encryption
using the password encryption aes command. You must turn off password encryption before you
can add the device to the Security Manager inventory.
ASA 8.3 ACLs use the real IP address of a device, rather than the translated (NAT) address. During
upgrade, rules are converted to use the real IP address. All other device types, and older ASA
versions, used the NAT address in ACLs.
The device memory requirements for ASA 8.3 are higher than for older ASA releases. Ensure that
the device meets the minimum memory requirement, as explained in the ASA documentation, before
upgrade. Security Manager blocks deployment to devices that do not meet the minimum
requirement.
If you have a device that uses commands that were unsupported in previous versions of Security
Manager, these commands are not automatically populated into Security Manager as part of the
upgrade to this version of Security Manager. If you deploy back to the device, these commands are
removed from the device because they are not part of the target policies configured in Security
Manager. We recommend that you set the correct values for the newly added attributes in Security