Simple Cisco VMS
Published: 09 Oct 2002 09:53 BST
Cisco recently announced an update to its CiscoWorks VPN/Security Management Solution (VMS) that makes it easier to manage and configure network security devices across the network. VMS 2.1 adds five new features to its arsenal and improves on the functionality of the previous release.
With its integrated interface, the new release promises to be a useful security management package, especially for companies with large, complex, and widely distributed networks.
Features
VMS's strength is that it combines many administrative tasks -- including configuration, monitoring, and maintenance of Cisco PIX firewalls, VPNs, and IDSs -- that would typically be handled separately. VMS 2.1 offers the following key features:
- Scalability
- Centralised management
- Security monitoring
- Change management
New with version 2.1 are Management Centers for PIX firewalls, VPN routers and IDS sensors, a security monitoring center, and the Auto Update Server.
Security scalability
"The enhancements we've made fall under the umbrella of multifaceted scalability," Cisco Product Manager Bob Yee said. "When customers usually think about scalability, they usually think just about the number of devices you can support. Given what's going on in the industry, scalability has gone well beyond that definition."
Yee gave two examples of how the traditional definition of scalability no longer fits.
Insurance companies and retail stores, he said, now find themselves needing to deploy firewalls at many remote sites to secure their data. That can mean thousands of locations with additional hardware devices, each with its own IP address. If the devices obtain IPs via DHCP, as Cisco recommends for some firewalls, a net admin would have a nightmare keeping track of all those changing addresses.
Another example Yee offered was the increasing trend among small and medium businesses (SMBs) to use wireless networking and VPN solutions. "You're introducing additional [access] points to the Internet that you didn't have to worry about before. Now you also have to worry about how you're going to harden those areas," Yee said.
One of the ways VMS 2.1 meets the challenge of multifaceted scalability, he said, is that it has a consistent look and feel across all its components. Yee compared the common interface design to that of the Microsoft Office suite. Regardless of which tool you're using -- firewall, VPN or IDS -- the look and feel of the product remains the same. This means that once you become familiar with navigating one tool, you essentially understand how to navigate and use all other components. Overall, this makes the products much easier to use.
Another major update to the product is the Auto Update Server, which can update all security devices on a network automatically either at specified times or upon wake-up. Admins no longer have to manually push new security configurations to the devices; VMS 2.1 lets the devices update themselves.
Policy inheritance is another important scalability feature of the product. It allows organisations to cascade standard policies to all sites. "Policy inheritance," Yee said, "gives companies the ability to make cookie cutter policies for all sites around the world."
The final aspect of VMS 2.1's multifaceted scalability is what Yee referred to as comprehensive identity management. VMS adds AAA (authentication, authorisation, accounting) security services for VPNs and wireless connections. These areas were not a primary concern until recently, Yee commented.





