ASDM Installation
Before installing ASDM, follow these steps:
Step 1 Save or print your Security Appliance configuration and write down
your activation key.
Step 2 If you are upgrading from a previous version of Security Appliance
software, you must obtain the ASDM software from Cisco in the same
way you download the Security Appliance software. Then, use TFTP to
download the image to your Security Appliance unit.
Step 3 If you upgrade your Cisco Security Appliance Software to version 7.0
and you plan to use ASDM, both the Security Appliance image and the
ASDM image must be installed on your failover units.
Step 4 You must configure the Security Appliance with some information
before ASDM will be available to a web browser:
• Time—Set the Security Appliance clock to Universal Coordinated
Time (UTC, also known as Greenwich Mean Time, or GMT). Use the
clock set command to set the time on the Security Appliance:
clock set hh:mm:ss day month year
• Inside IP address—Specify the IP address of the Security Appliance’s
inside interface. Use the ip address command to set the inside
interface on the Security Appliance:
ip address ip_address [netmask]
• Hostname—Specify up to 16 characters as a name for the Security
Appliance. Use the hostname command to set the host name on the
Security Appliance:
hostname newname
• Domain name—Specify the domain name for the Security Appliance.
Use the domain-name command to set the domain name on the
Security Appliance:
domain-name name
• IP address of the host running ASDM—Specify the IP address of the
workstation that will access ASDM from its browser. Use the http
command to set the IP address for the workstation:
http ip_address [netmask] [if_name]
• HTTP server—Enable the HTTP server on the Security Appliance.
Use the http server enable command to set the IP address for the
workstation.
IT Certification CCIE,CCNP,CCIP,CCNA,CCSP,Cisco Network Optimization and Security Tips
Linux Requirements
Linux Requirements
The following requirements apply to the use of ASDM with Linux:
■ Any Pentium or Pentium-compatible processor running at 450 MHz or higher.
■ Red Hat Linux 9.0 or Red Hat Linux WS version 3 running the GNOME or KDE 2.0
desktop environment.
■ Supported browser—Mozilla 1.7.3 with Java Plug-in version 1.4.2 or 1.5.0.
■ At least 256 MB of RAM.
■ A 1024 x 768-pixel display and 256 colors.
The following requirements apply to the use of ASDM with Linux:
■ Any Pentium or Pentium-compatible processor running at 450 MHz or higher.
■ Red Hat Linux 9.0 or Red Hat Linux WS version 3 running the GNOME or KDE 2.0
desktop environment.
■ Supported browser—Mozilla 1.7.3 with Java Plug-in version 1.4.2 or 1.5.0.
■ At least 256 MB of RAM.
■ A 1024 x 768-pixel display and 256 colors.
Sun Solaris Requirements
Sun Solaris Requirements
The following requirements apply to the use of ASDM with Sun Scalable Processor
ARChitecture (SPARC):
■ Sun Solaris 2.8 or later running CDE or OpenWindows window manager.
■ SPARC microprocessor.
■ Supported browser—Mozilla 1.7.3 with Java Plug-in version 1.4.2 or 1.5.0.
■ At least 256 MB of RAM.
■ A 1024 x 768-pixel display and 256 colors are recommended.
The following requirements apply to the use of ASDM with Sun Scalable Processor
ARChitecture (SPARC):
■ Sun Solaris 2.8 or later running CDE or OpenWindows window manager.
■ SPARC microprocessor.
■ Supported browser—Mozilla 1.7.3 with Java Plug-in version 1.4.2 or 1.5.0.
■ At least 256 MB of RAM.
■ A 1024 x 768-pixel display and 256 colors are recommended.
Windows Requirements
Windows Requirements
The following are required to access ASDM from a Windows 2000/XP operating system:
■ Windows 2000 (Service Pack 4) or Windows XP.
■ Supported browsers—Internet Explorer 6.0 with the Java Plug-in version 1.4.2 or
1.5.0, Netscape Communicator 7.2 with the Java Plug-in version 1.4.2 or 1.5.0 or
higher (4.76 recommended).
■ Any Pentium or Pentium-compatible processor running at 450 MHz or higher.
■ At least 256 MB of RAM.
■ A 1024 x 768-pixel display and at least 256 colors are recommended.
The following are required to access ASDM from a Windows 2000/XP operating system:
■ Windows 2000 (Service Pack 4) or Windows XP.
■ Supported browsers—Internet Explorer 6.0 with the Java Plug-in version 1.4.2 or
1.5.0, Netscape Communicator 7.2 with the Java Plug-in version 1.4.2 or 1.5.0 or
higher (4.76 recommended).
■ Any Pentium or Pentium-compatible processor running at 450 MHz or higher.
■ At least 256 MB of RAM.
■ A 1024 x 768-pixel display and at least 256 colors are recommended.
Browser Requirements
Browser Requirements
The following are the requirements to access ASDM from a browser:
■ JavaScript and Java must be enabled—If these are not enabled, ASDM helps the
administrator enable them. When using your browser, Java Plug-in version 1.4.2 or 1.5.0
is supported. To check which version the administrator has, launch ASDM. In the main
ASDM menu, click Help > About Cisco ASDM 5.0 for PIX. When the About Cisco
ASDM 5.0 for PIX window opens, it displays the browser specifications in a table,
including the Java version. If the administrator has an older Java version, the
administrator can download the supported Java plug-in version from Microsoft.
PIX Firewall Model Flash Memory Required
PIX 535 16 MB
ASA 5510 256 MB
ASA 5520 256 MB
ASA 5540 256 MB
Table 15-2 Flash Memory Requirements for each PIX and ASA Model to Support
ASDM 5.0 (Continued)
460 Chapter 15: Adaptive Security Device Manager
■ Browser support for SSL must be enabled—The supported versions of Internet Explorer
and Netscape Navigator support SSL without requiring additional configuration.
■ Pop-up blockers may prevent ASDM from starting—If ASDM does not start, it is
advisable to disable pop-up blocking.
The following are the requirements to access ASDM from a browser:
■ JavaScript and Java must be enabled—If these are not enabled, ASDM helps the
administrator enable them. When using your browser, Java Plug-in version 1.4.2 or 1.5.0
is supported. To check which version the administrator has, launch ASDM. In the main
ASDM menu, click Help > About Cisco ASDM 5.0 for PIX. When the About Cisco
ASDM 5.0 for PIX window opens, it displays the browser specifications in a table,
including the Java version. If the administrator has an older Java version, the
administrator can download the supported Java plug-in version from Microsoft.
PIX Firewall Model Flash Memory Required
PIX 535 16 MB
ASA 5510 256 MB
ASA 5520 256 MB
ASA 5540 256 MB
Table 15-2 Flash Memory Requirements for each PIX and ASA Model to Support
ASDM 5.0 (Continued)
460 Chapter 15: Adaptive Security Device Manager
■ Browser support for SSL must be enabled—The supported versions of Internet Explorer
and Netscape Navigator support SSL without requiring additional configuration.
■ Pop-up blockers may prevent ASDM from starting—If ASDM does not start, it is
advisable to disable pop-up blocking.
ASDM Workstation Requirement
ASDM Workstation Requirement
ASDM, as mentioned previously, is accessed via a browser interface. The following sections
provide an overview of ASDM requirements for these:
■ Browser
■ Windows-based workstation
■ Sun Solaris–based workstation
■ Linux-based workstation
ASDM 5.0 does not support Windows 3.1, Windows 95, Windows 98, Windows Me, or
Windows NT operating systems.
ASDM, as mentioned previously, is accessed via a browser interface. The following sections
provide an overview of ASDM requirements for these:
■ Browser
■ Windows-based workstation
■ Sun Solaris–based workstation
■ Linux-based workstation
ASDM 5.0 does not support Windows 3.1, Windows 95, Windows 98, Windows Me, or
Windows NT operating systems.
Flash Memory Requirements for each PIX and ASA Model to Support
Flash Memory Requirements for each PIX and ASA Model to Support
ASDM 5.0
PIX Firewall Model Flash Memory Required
PIX 515/515E 16 MB
PIX 520 16 MB
PIX 525 16 MB
ASDM 5.0
PIX Firewall Model Flash Memory Required
PIX 515/515E 16 MB
PIX 520 16 MB
PIX 525 16 MB
Security Appliance Requirements to Run ASDM
Security Appliance Requirements to Run ASDM
Like all software, ASDM 5.0 has minimum hardware and software requirements for it to
work. ASDM 5.0 is available on all PIX 515/515E, PIX 525, PIX 535, ASA 5510, ASA 5520,
and ASA 5540 platforms running software version 7.0. Depending on the type of model on
which ASDM will be running, it must have at least 256 MB of RAM and the Flash memory
sizes listed in Table 15-2.
Like all software, ASDM 5.0 has minimum hardware and software requirements for it to
work. ASDM 5.0 is available on all PIX 515/515E, PIX 525, PIX 535, ASA 5510, ASA 5520,
and ASA 5540 platforms running software version 7.0. Depending on the type of model on
which ASDM will be running, it must have at least 256 MB of RAM and the Flash memory
sizes listed in Table 15-2.
Security Appliance Adaptive Security Device Manager GUI
Security Appliance Adaptive Security Device Manager GUI
NOTE ASDM is a signed Java applet that downloads from the Security Appliance to your
web browser or a standalone installer.
458 Chapter 15: Adaptive Security Device Manager
If your Cisco Security Appliance unit is new and came with software version 7.0, the
software is already loaded in Flash memory. If you are upgrading from a previous version of
Cisco Security Appliance, you must use Trivial File Transfer Protocol (TFTP) from the
Security Appliance unit’s inside interface to copy the ASDM image to your Security
Appliance. ASDM works with software version 7.0 and later, and it can operate on the
Security Appliance 515, 515E, 525, 535, 5510, 5520, and 5540 units as soon as they are
upgraded to version 7.0 or later.
ASDM is designed to assist you in managing your network security in these ways:
■ Letting you visually monitor your Cisco Security Appliance system, connections,
Intrusion Detection System (IDS), and traffic on the interfaces.
■ Creating new Security Appliance configurations or modifying existing configurations
that were originally implemented using the Security Appliance.
■ Using visual tools such as task-oriented selections and drop-down menus to configure
your Cisco Security Appliance.
■ Using Secure Sockets Layer (SSL) to secure communication between ASDM and the
Security Appliance.
■ Monitoring and configuring Security Appliance units individually.
Multiple Cisco Security Appliances can be monitored and configured from a single
workstation via the web browser. It is also possible to have up to five administrators
accessing a given Security Appliance unit or context via ASDM at the same time. A maximum
of 32 total sessions can be active on a unit running multiple mode.
For the SNPA exam, this chapter focuses on ASDM version 5.0 running on software version 7.0.
NOTE ASDM is a signed Java applet that downloads from the Security Appliance to your
web browser or a standalone installer.
458 Chapter 15: Adaptive Security Device Manager
If your Cisco Security Appliance unit is new and came with software version 7.0, the
software is already loaded in Flash memory. If you are upgrading from a previous version of
Cisco Security Appliance, you must use Trivial File Transfer Protocol (TFTP) from the
Security Appliance unit’s inside interface to copy the ASDM image to your Security
Appliance. ASDM works with software version 7.0 and later, and it can operate on the
Security Appliance 515, 515E, 525, 535, 5510, 5520, and 5540 units as soon as they are
upgraded to version 7.0 or later.
ASDM is designed to assist you in managing your network security in these ways:
■ Letting you visually monitor your Cisco Security Appliance system, connections,
Intrusion Detection System (IDS), and traffic on the interfaces.
■ Creating new Security Appliance configurations or modifying existing configurations
that were originally implemented using the Security Appliance.
■ Using visual tools such as task-oriented selections and drop-down menus to configure
your Cisco Security Appliance.
■ Using Secure Sockets Layer (SSL) to secure communication between ASDM and the
Security Appliance.
■ Monitoring and configuring Security Appliance units individually.
Multiple Cisco Security Appliances can be monitored and configured from a single
workstation via the web browser. It is also possible to have up to five administrators
accessing a given Security Appliance unit or context via ASDM at the same time. A maximum
of 32 total sessions can be active on a unit running multiple mode.
For the SNPA exam, this chapter focuses on ASDM version 5.0 running on software version 7.0.
ASDM Overview
ASDM Overview
ASDM is a graphical configuration tool that is designed to help you set up, configure, and
monitor your Cisco Security Appliance. It is installed as a separate software image on the
Security Appliance and resides in the Flash memory of all firewall units running software
version 7.0 and higher. A standalone or browser-based Java applet can be used as a client to
access the ASDM graphical user interface (GUI) for configuration. ASDM uses tables, drop-down
menus, and task-oriented selection menus to assist you in administering your Security Appliance.
Additionally, ASDM maintains compatibility with the Security Appliance CLI and includes a tool
for using the standard CLI commands within the ASDM application. ASDM also lets you print
or export graphs of traffic through the Security Appliance and system activity.
Figure 15-1 shows the ASDM GUI with the three main buttons: Home, Configuration, and
Monitoring.
Figure 15-1 Security Appliance Adaptive Security Device Manager GUI
NOTE ASDM is a signed Java applet that downloads from the Security Appliance to your
web browser or a standalone installer.
ASDM is a graphical configuration tool that is designed to help you set up, configure, and
monitor your Cisco Security Appliance. It is installed as a separate software image on the
Security Appliance and resides in the Flash memory of all firewall units running software
version 7.0 and higher. A standalone or browser-based Java applet can be used as a client to
access the ASDM graphical user interface (GUI) for configuration. ASDM uses tables, drop-down
menus, and task-oriented selection menus to assist you in administering your Security Appliance.
Additionally, ASDM maintains compatibility with the Security Appliance CLI and includes a tool
for using the standard CLI commands within the ASDM application. ASDM also lets you print
or export graphs of traffic through the Security Appliance and system activity.
Figure 15-1 shows the ASDM GUI with the three main buttons: Home, Configuration, and
Monitoring.
Figure 15-1 Security Appliance Adaptive Security Device Manager GUI
NOTE ASDM is a signed Java applet that downloads from the Security Appliance to your
web browser or a standalone installer.
Subscribe to:
Posts (Atom)