Q. Is the standalone Cisco® Security Agent effective against Internet worms such as MS Blaster?
A. Yes. Cisco Security Agent prevents the MS Blaster worm and others like it from rooting and propagating. It also stops the denial of service (DoS) attacks these worms tend to launch.
Q. Is Cisco Security Agent the best defense against worms, viruses, and DoS attacks?
A. The best defense is a comprehensive, system-level security approach. The Self-Defending Network is Cisco's long-term strategy to protect an organization's business processes by identifying, preventing, and adapting to threats from both internal and external sources. This protection helps organizations take better advantage of the intelligence in their network resources, thus improving business processes and cutting costs. Click here for more information on the Cisco Self Defending Network.
Q. Can I run the Management Center for Cisco Security Agents on a Cisco IP Communications application server?
Q. Which standard Cisco Security Agent policies were used in the creation of the standalone Cisco Security Agents for Unified Communications?
A. For the standalone agent for Cisco Unified CallManager, Cisco Emergency Responder, Cisco Conference Connection, Cisco Unified IP Interactive Voice Response (Cisco Unified IP IVR), Cisco IP Queue Manager, and Cisco Unified Contact Center Express, the following Cisco Security Agent policies were used:
• Generic server
• Generic desktop
• Microsoft Internet Information Services (IIS) Versions 4.0 and 5.0
For the Cisco Unity®, Cisco Unity Bridge, and Cisco Personal Assistant standalone agents, the following Cisco Security Agent policies were used:
• Required Windows System Module
• Common Security Module
• Common Web Server Security Module
• Restrictive MS IIS Module
• Restrictive SQL Server Module (Cisco Unity agent only)
• Server Module
• User Authentication Auditing Module
• Virus Scanner Module
For the Cisco Unified Intelligent Contact Manager (Enterprise and Hosted) and Cisco Unified Contact Center Enterprise standalone agents, the following Cisco Security Agent policies were used:
• Required Windows System Module
• Common Security Module
• Server Module
• User Authentication Auditing Module
• Restrictive Microsoft IIS Module
• Restrictive SQL Server Module
• Virus Scanner Module
For the Cisco Internet Service Node (ISN) standalone agent, the following Cisco Security Agent policies were used:
• Required Windows System Module
• Common Security Module
• Common Web Server Security Module
• Restrictive Microsoft IIS Module
• Restrictive SQL Server Module
• Virus Scanner Module
Q. How can I upgrade my standalone Cisco Security Agent to the standard Cisco Security Agent product to take advantage of customizable policy control and centralized event reporting?
A. To upgrade, please order part number CSA-IPT-UPGRADE-K9 from Cisco. Since Cisco Security Agent provides specialized policies for each telephony server, it is relatively easy to deploy the fully managed solution.
Q. What other software can be loaded in a Unified Communications server that is running the Cisco Security Agent headless agent?
A. Cisco Security Agent policies provide support for several Cisco approved, third-party monitoring tools and co-resident applications. To determine the applications and versions supported by each product, refer to the release notes and installation guides provided with the standalone Cisco Security Agent download for that product.
Q. Which Cisco customers should install the Cisco Security Agent software?
A. All Cisco Unified Communications customers that are running the following applications should install Cisco Security Agent on their servers:
• Cisco Unified CallManager 3.2(3), 3.3, and later versions
• Cisco Emergency Responder 1.1(4) and 1.2(1)
• Cisco Conference Connection 1.2(2)
• Cisco Unified Intelligent Contact Management (Enterprise and Hosted) , Cisco Unified Contact Center Enterprise and Hosted 5.0(0) (SR8 or later)
• Cisco Unified Intelligent Contact Management, Unified Contact Center Enterprise 6.0(0) and later versions
• Cisco Internet Service Node (ISN) 2.0 & 2.1
• Cisco Unified Contact Center Express 2.2(5), 3.0(3a), 3.1(3), 3.5(2), and later versions
• Cisco Unified IP IVR 2.2(5), 3.0(3a), 3.1(3), 3.5(2), and later versions
• Cisco IP Queue Manager 2.2(5), 3.0(3a), 3.1(3), 3.5(2), and later versions
• Cisco Unity 4.0 and later versions
• Cisco Unity Bridge 3.0 and later versions
• Cisco Personal Assistant 1.4(1) and later versions
Q. How can customers obtain the software?
A. The standalone agents and security policies to be used with the Management Center for Cisco Security Agents are available at no charge through Cisco.com download.
For Cisco Unified CallManager, Cisco Conference Connection, Cisco Emergency Responder, Cisco Unified IP IVR, Cisco IP Queue Manager, and Cisco Unified Contact Center, the software is available at: http://www.cisco.com/cgi-bin/tablebuild.pl/cmva-3des
