Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

CSM - Device update capabilities

Hello,

Most of my question is already answered but I have to be sure about the capability of the CSM (and the Auto Update Server) about the update of my "Security Devices" (ASA 5500, AIP-SSM, IPS 4200).

(I am talking about the CSM 3.3.1 and 4.0)

With the CSM can I remotely on a large infrastructure update:

- the ASA software : I think yes. What about 2 ASA in active/passive mode?

- the AIP-SSM software?

- the AIP-SSM recovery partition?

- the IPS 4200 software?

- the IPS 4200 recovery partition?

- the IPS signature update file: yes

If one this updates cannot be done by the CSM, it means that I have to do it device by device?

If my CSM server is offline, can I manually download the IPS sig updates and put them on the CSM?

During the software update on these devices, is the configuration saved ?

Thanks in advance!

6 REPLIES
Cisco Employee

Re: CSM - Device update capabilities

AUS can do updates and config pushes to your devices that support it like the ASA.

If you want a more complete config archive and config  manangement and software image management you should also look into RME http://www.cisco.com/en/US/products/sw/cscowork/ps2073/index.html that works with CiscoWorks and CSM.

I hope it helps.

PK

New Member

Re: CSM - Device update capabilities

Thanks for the answer!

Ok, but can AUS also take care of the IPS 4260 and AIP-SSM?

Is RME fully integrated into the CSM or is it an external application?

Thanks

Cisco Employee

Re: CSM - Device update capabilities

CSM will directly handle auto-updating of IPS sensors; AUS is not used.  You simply need to configure the IPS updates in the Security Adminsiration; within the CSM client:

Tools>Security Manager Adminsitration...

Choose "IPS Updates"

Configure the Auto Update Settings in the left-hand pane as required for your environment.

RME is no longer a required component of CSM and is a separate application.

Scott

Cisco Employee

Re: CSM - Device update capabilities

To add to Scott's comments:

AUS is EOS http://www.ciscosystems.cg/en/US/products/hw/vpndevc/prod_category_end_of_life.html so you don't want to go towards it.

RME is a product that integrates with CSM , is running in the same server and manages config, archives and images of devices.

I hope it helps.

PK

New Member

Re: CSM - Device update capabilities

All right, so to sum up, I can do all the tasks in my first post (the 6 points) with the CSM (without RME), yes?

Thanks!

Cisco Employee

Re: CSM - Device update capabilities

Yes, you should be able to accommodate ASA and IPS software management without the need to install RME; AUS for ASA image management and CSM for IPS software management.

Scott

573
Views
0
Helpful
6
Replies
CreatePlease login to create content