cc/td/doc/product/software/sdm
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table Of Contents

Getting Started

What's New in this Release?

Cisco IOS Versions Supported


Getting Started


Cisco Router and Security Device Manager (SDM) is an easy-to-use Internet browser-based software tool designed for configuring LAN, WAN, and security features on a router. SDM is designed for resellers and network administrators of small- to medium-sized businesses who are proficient in LAN fundamentals and basic network design.

For fast and efficient configuration of Ethernet networks, WAN connectivity, firewalls and Virtual Private Networks (VPNs), SDM prompts you through the setup process with wizards—sequenced screens that break down the configuration steps and provide you with explanatory text. You can then edit the basic configuration you created, for greater control over the router and the network. SDM requires no previous experience with Cisco devices or the Cisco command-line interface (CLI).

When you start SDM, it displays the Home Page, a window with system and configuration overview information that gives you important information about your router hardware and software. You can use this to determine what you want to configure. After you complete a configuration, SDM can help you test and troubleshoot it so that you can ensure that the configuration works.

SDM also features a Monitor mode, which enables you to observe router performance and gather statistics associated with configurations that you have made on the router.

What's New in this Release?

This release supports the following new features:

Application Security—SDM allows you to inspect traffic by application, as well as by network protocol. You can specify what the router is to do when it encounters traffic from the applications that you identify. SDM also offers low, medium and high application security policies that you can apply to router interfaces when completing the basic and the advanced firewall wizards.The Application Security feature also offers Granular Protocol Inspection.

DHCP Enhancements—SDM allows you to bind a particular IP address from a DHCP pool to a host MAC address that you specify.

Dynamic DNS—SDM supports client mode DDNS, enabling the router to update a DNS server when a router interface IP address is changed.

Easy VPN Remote enhancements—SDM supports web intercept, RSA signatures, dial backup, VLAN subinterfaces, multiple routed subnets, traffic-triggered tunnel activation, and mode-configured addresses for device access.

Easy VPN Server enhancements—SDM enables the server to support Easy VPN clients by XAuth banner push, automatic IOS updates by revision, configuration file push, browser proxy server push. In this release, SDM also supports split DNS, which allows remote clients to use an internal DNS server to resolve hosts with specific domain names, Perfect Forwarding Secrecy (PFS) push to remote clients, netmask support, the restriction of Easy VPN connections to specific interfaces, the setting of an IPSecurity (IPSec) idle timer, and group policies using a single AAA server.

Easy VPN troubleshooting enhancements—Easy VPN troubleshooting has been enhanced to support the new Easy VPN Remote and Easy VPN Server features.

Intrusion Prevention System (IPS) enhancements—IPS is integrated into the main SDM application, and includes an IPS rule wizard, and a signature import wizard. IPS now supports TrendMicro signature engines.

Network Admission Control (NAC)—enables the router to control the use of the local network by local hosts, based on their virus protection status. When given a NAC configuration, the router can use NAC policy servers to determine host status, and to direct hosts to virus remediation sites if necessary. You can configure exception lists to specify the hosts that are to be exempted from the NAC validation process, and you can identify the hosts without installed posture agents so that the NAC system can take appropriate action.

NAT wizards—You can configure NAT translation rules using a basic or an advanced NAT wizard.

Port-to-Application Mapping—Network applications typically accept traffic on registered, well-known port numbers. For example, FTP typically uses port 21. PAM enables you to specify the port numbers that you want applications on the network to use.

Search function—You can now search for SDM features by entering the feature name on the toolbar and clicking Search.

Switch Module support—SDM allows you to configure switchport VLANs and VLAN subinterfaces, and you can launch the eXpresso switch module management application from the SDM toolbar.

Support for new High-speed WAN Interface Cards (HWICS)—The HWIC-ADSL-B/ST, HWIC-ADSLI-B/ST, HWIC-1ADSL, and HWIC-1ADSLI ADSL network modules are supported.

USB Flash and Token support—SDM can detect the presence of USB flash and USB token devices on the router, and can use CCCD configuration files and digital certificates stored on those types of devices.

To find out more about this release, go to:

http://www.cisco.com/go/sdm

Click the Technical Documentation link, and then click Release Notes.

Cisco IOS Versions Supported

To determine which Cisco IOS versions SDM supports, go to the following URL:

http://www.cisco.com/go/sdm

Click the Technical Documentation link, and then click Release Notes.


hometocprevnextglossaryfeedbacksearchhelp

Posted: Fri Oct 7 13:22:44 PDT 2005
All contents are Copyright © 1992--2005 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.