Managing Cisco Network Security, Second Edition

Network security has become more critical to organizations than ever before. The associated security risks have become very high, with most organizations configuring and deploying firewalls to improve network boundary security and virtual private networks (VPNs) to protect the integrity of the network and establish secure business-to-business communications.
As you will see, the Cisco Secure Policy Manager (CSPM) is an excellent tool that allows you to minimize costs and ensure a consistent security policy on your network. It also allows you to manage your network and associated services with a consolidated management system. It supports the different network requirements of your organization that are used to establish a secure connection for your intranets with multiple firewalls and VPN routers, and allows real-time monitoring of alerts from Intrusion Detection sensors.
In this chapter, we will take a look at the CSPM as a whole, the features that come with it, and then take some time to examine exactly how it should be used.
The CSPM is a powerful policy-driven management system for Cisco PIX firewalls, IP Security (IPSec) routers, and Cisco Intrusion Detection System (Cisco IDS) sensors. With CSPM, you can define, distribute, enforce, and audit your entire network security policies from a central location. You can use CSPM to configure your PIX firewalls on the boundary of your enterprise network as well as configure Network Address Translation (NAT) and IPSec based VPNs. This allows for easy and simple deployment of your security...