Cisco Security Manager

Table Of Contents

Installation and Release Notes for Cisco Performance Monitor 3.0

Contents

New and Changed Features in this Release

Installation Requirements

Scalability

Installing Performance Monitor

Migrating Inventory from Monitoring Center for Performance

Uninstalling and Reinstalling Performance Monitor

Uninstalling Performance Monitor

Reinstalling Performance Monitor

Resolved Problems

Known Problems

Related Documentation

Obtaining Documentation

Cisco.com

Product Documentation DVD

Ordering Documentation

Documentation Feedback

Cisco Product Security Overview

Reporting Security Problems in Cisco Products

Obtaining Technical Assistance

Cisco Technical Support & Documentation Website

Submitting a Service Request

Definitions of Service Request Severity

Obtaining Additional Publications and Information

Installation and Release Notes for Cisco Performance Monitor 3.0

---

Revised: June 13, 2007,
Text Part Number: OL-10799-02

When you purchase Cisco Security Manager 3.0 or 3.0.1 (Security Manager), your license grants you the right to download, install, and use Cisco Performance Monitor 3.0 (Performance Monitor), which was previously called CiscoWorks Monitoring Center for Performance 2.0.x.

---

Note Windows and Solaris versions of Monitoring Center for Performance are still available for use with CiscoWorks VPN/Security Management Solution 2.x (VMS). VMS customers are entitled to upgrade to Security Manager at no cost. See http://www.cisco.com/go/csmanager.

---

Performance Monitor is a browser-based tool that monitors and troubleshoots the health and performance of services that contribute to network security. It helps you to isolate, analyze, and troubleshoot events in your network as they occur, so that you can increase service availability. Supported service types are remote-access VPN, site-to-site VPN, firewall, web server load-balancing, and proxied SSL.

This guide supplements the version of Installation Guide for Cisco Security Manager that you received with your copy of Security Manager. Although your version of that guide does not describe any installation procedure for Performance Monitor specifically, it does describe a broad framework of prerequisites, best practices, checklists, troubleshooting tips, and other material to ensure that all of your Security Manager software — including Performance Monitor — can be installed successfully. See the installation guide for the version of Security Manager that you use:

•Installation Guide for Cisco Security Manager 3.0

•Installation Guide for Cisco Security Manager 3.0.1

This guide contains:

•A comparison of Performance Monitor and Monitoring Center for Performance.

•High-level descriptions of the hardware and software requirements for installation.

•High-level instructions for installing, upgrading to, and uninstalling Performance Monitor.

•Instructions for migrating your device inventory from Monitoring Center for Performance.

•Bug ID numbers and headlines for problems in Monitoring Center for Performance that were fixed for this release of Performance Monitor.

•Bug ID numbers, headlines, and descriptions for known problems that might affect you as a Performance Monitor user. If you access this document in HTML or PDF form, you can click any ID number to see the release note enclosure in the Bug Toolkit on Cisco.com. A release note enclosure contains symptoms, conditions, and workaround information.

---

Note Before you install Performance Monitor, we recommend that you read and follow all of the relevant guidance in the Security Manager installation guide.

---

Contents

New and Changed Features in this Release

The following table describes and categorizes the major differences between Performance Monitor 3.0 and Monitoring Center for Performance:

Category	Comparison
Extended support for devices, services, features, and software versions	Performance Monitor adds: •Device support for: –800, 1800, 2800, and 3800 Series routers. –ASA 5500 Series appliances. •Software version support for: –PIX 7.0 and 7.1. –FWSM 2.2, 2.3, and 3.1. –ASA 5500 Series appliances. –VPN Shared Port Adapters (VPN SPA). •Service and feature monitoring support for: –VPN services on PIX appliances. –Firewall services and remote-access VPN services on Cisco IOS routers. –Site-to-site VPN services on VPN 3000 Series concentrators, PIX appliances, and ASA appliances. –DMVPN services. –Easy VPN services. –Multicontext firewall services.
Compatibility and coexistence	•Performance Monitor runs on CiscoWorks Common Services (Common Services) 3.0.3 or 3.0.4 for Windows and supports coexistence on the same server with Security Manager 3.0 or 3.0.1. •We no longer support coexistence on the same server with any component in, or release of, VMS. •We no longer support coexistence on the same server with any version of Common Services earlier than 3.0.3. •Performance Monitor does not support Solaris as an operating system for servers.
Importing device credentials	•Performance Monitor imports device attributes from a Device Credentials Repository (DCR) server on which SSL is enabled. A DCR is an inventory of credentials and other attributes for network devices that Common Services maintains for use by other applications, such as Security Manager or Resource Manager Essentials (RME). •We no longer support any direct importing of device attributes from CiscoWorks Management Center for VPN Routers (Router MC) or RME.
User interface (GUI)	The Performance Monitor GUI does not include any Java applets.
Security enhancements	HTTPS now secures all communications between Performance Monitor and the devices in your network.

Installation Requirements

You can use Performance Monitor as a standalone product or install it on the same server with Security Manager, Cisco Auto Update Server (AUS), RME, or all three. In any of these installations, you must also install Common Services 3.0.3 (patched) or 3.0.4, or Performance Monitor cannot work.

Performance Monitor by default uses SNMP trap port 162.

---

Note If you install Common Services 3.0.3 from the Security Manager 3.0 installation DVD, you automatically apply a special patch to it. Performance Monitor requires this special patch when you use Common Services 3.0.3 and cannot run on any server where Common Services 3.0.3 is unpatched. The required patch is available only on the Security Manager 3.0 installation DVD. For detailed information, see Installation Guide for Cisco Security Manager 3.0.

Alternatively, you can install and use Common Services 3.0.4 without any patch.

---

Requirements for installation and operation vary in relation to the presence of other software on your server and according to the way you use Performance Monitor.

You can install Performance Monitor on a Windows-based server that uses one CPU or multiple CPUs.

Table 1 describes server requirements and restrictions.

Table 1 Installation Requirements and Restrictions 

Component	Minimum Requirement
System hardware	•IBM PC-compatible with a 2 GHz or faster processor. •Color monitor with at least 1024 x 768 resolution and a video card capable of 16-bit colors. •DVD-ROM drive. •100BaseT (100 Mbps) or faster network connection; single interface only. Note We do not support installations of Performance Monitor on servers with more than one network interface card (NIC). For related information, see IP Address. •Keyboard. •Mouse.
File system	NTFS.
Memory (RAM)	2 GB.
System software	One of the following:1 •Microsoft Windows 2003 Server: –Enterprise Edition with SP1. –Standard Edition with SP1. •Microsoft Windows 2000: –Advanced Server with SP4. –Server with SP4. –Professional with SP4. Tip In addition, client systems can use Microsoft Windows XP with SP1 or higher. Note Performance Monitor supports only the US-English and Japanese versions of Windows. Select Start > Settings > Control Panel > Regional Settings, then set the default locale. Microsoft ODBC Driver Manager 3.510 or later is also required, so that your server can work with Sybase database files. To confirm the installed ODBC version, find and right-click ODBC32.DLL, then select Properties from the shortcut menu. The file version is listed under the Version tab.2
Browser	One of the following: •Microsoft Internet Explorer 6.0 with SP1 (6.0.2800). •Mozilla 1.7 or 1.7.5.
Compression software	WinZip 9.0 or compatible.
Hard Drive Space	20 GB.
IP Address	One static IP address. If the server has more than one IP address, disable all but one address. The Performance Monitor installer displays a warning if it detects any dynamic IP addresses on the target server. Dynamic addresses are not supported.

1 To confirm the installed Windows version from the Start menu, select Run, then enter either ver or winver. 2 Alternatively, after you install Performance Monitor, select Server > Admin from the Common Services desktop, click Selftest, then click Create. When the table is refreshed, click the newest entry in the SelfTest Server Information column. When the "Server Info" window opens, scroll to the odbc.pl section to see the installed ODBC version.

---

Caution Do not install this product on a primary or backup domain controller. We do not support any use of Common Services 3.0.3 or 3.0.4 on a Windows domain controller.

Do not install this product in an encrypted directory. Common Services 3.0.3 and 3.0.4 do not support directory encryption.

Do not install this product if Terminal Services is enabled in Application mode. In such a case, you must disable Terminal Services, then restart the server before you install. Common Services 3.0.3 and 3.0.4 support only the Remote Administration mode for Terminal Services. To learn more about this restriction on your use of Terminal Services, see http://www.cisco.com/en/US/products/sw/cscowork/
ps3996/products_installation_guide_chapter09186a008052ff0f.html#wp1033369.

---

Scalability

The following table describes Performance Monitor scalability.

Table 2 Cisco Performance Monitor Scalability 

Number of devices	Supports up to 500 devices, including security contexts.
Number of users	Supports up to 5 simultaneous users.
VPN restrictions	•We recommend that you monitor only the hubs, not the spokes, in any hub-and-spoke VPNs that you monitor. •We recommend that you monitor no more than 5,000 VPNs.

Installing Performance Monitor

---

Note United States law requires Cisco Systems to limit access to any software that uses advanced encryption technologies. Therefore, you must have and use a Cisco.com user account in order to download the Performance Monitor installation utility.

---

You can install Performance Monitor on:

•A standalone server, after you install a supported version of Common Services.

•The same server on which you installed Security Manager, AUS, RME, or all three.

For related information, see Installation Requirements.

The Performance Monitor installation utility does not include any version of Common Services, which you must install before you install Performance Monitor. We recommend that you use your Security Manager installation DVD to install Common Services.

Before You Begin

---

Caution If both of the following statements are true, you must complete Steps 1 through 5 in Migrating Inventory from Monitoring Center for Performance, before you start this procedure:
·   You run Monitoring Center for Performance on a Windows server and will re-use its device inventory.
·   Your Monitoring Center for Performance server will become your Performance Monitor server.

---

---

Step 1 Log in to your Cisco.com account at http://www.cisco.com/cgi-bin/login.

Step 2 Go to http://www.cisco.com/go/csmanager, then click Download Software.

Step 3 Download the installation utility for Performance Monitor, fcs-mcp-v3.0-w2k-k9.exe.

Step 4 To start the installation, double-click your downloaded copy of the utility, then follow the prompts.

Step 5 When the installer prompts you to select your license options and enter your license key, you can use a free evaluation license or use the license file on your Security Manager DVD, at \license_files\mcpULperm.lic. Until you apply your license to your copy of Performance Monitor, you are limited to the free 90-day evaluation period.

Step 6 (Optional) Complete Step 7 in Migrating Inventory from Monitoring Center for Performance.

---

Migrating Inventory from Monitoring Center for Performance

---

Note•We support device inventory migrations from Windows versions of Monitoring Center for Performance, but not from Solaris versions.

•Monitoring Center for Performance users cannot upgrade directly to Performance Monitor.

•You cannot migrate your Monitoring Center for Performance database into Performance Monitor.

---

A PerlScript that you download from Cisco.com and run on your server can convert all of the device attributes in your Monitoring Center for Performance inventory into a CSV file that Performance Monitor can import easily.

However, Performance Monitor uses HTTPS to secure its communications with routers in your network — which Monitoring Center for Performance did not do. For this reason, the generated CSV output can be edited, and you must manually insert HTTPS credentials for every router that you plan to import into Performance Monitor.

---

Caution The CSV file that you create is plaintext — confidential but unencrypted information about the devices in your network. We recommend that you secure the file.

---

---

Step 1 To download the device inventory conversion script, do the following:

a. From the Windows server on which you run Monitoring Center for Performance, log in to your Cisco.com account at http://www.cisco.com/cgi-bin/login.

b. Go to http://www.cisco.com/en/US/products/ps6498/index.html., then click Download Software.

c. Download DeviceExport.zip.

Step 2 When the download is finished, double-click the DeviceExport.zip archive to decompress its contents on your server, then open the readme file.

Step 3 Follow the instructions in the readme file that tell you:

a. How and where to install.

b. How to run ExportToCSV.pl.

The PerlScript generates your CSV file at NMSROOT\mcp\conf\devices\ExportedBackup.csv, where NMSROOT is the directory in which you installed Common Services 2.x. The default is C:\Program Files\CSCOpx.

Step 4 Do one of the following:

•If you are installing Performance Monitor on the same server on which you installed Monitoring Center for Performance, move ExportedBackup.csv to a secure location, so that it is available for your use when you are ready to use it. Otherwise, it will be erased when you install Performance Monitor.

•If you are installing Performance Monitor on a different server than the one on which you installed Monitoring Center for Performance, use SFTP or another method that you trust to transfer the ExportedBackup.csv file from your old server to your new server.

Step 5 If you are installing Performance Monitor on the same server on which you installed Monitoring Center for Performance:

a. Uninstall Monitoring Center for Performance, Common Services 2.x, and every application that uses Common Services 2.x. See Installing Monitoring Center for Performance 2.0.1 on Windows: http://www.cisco.com/en/US/products/sw/cscowork/ps5387/products_installation_guide_book09186a00801f7249.html.

b. Install a supported version of Common Services. If you install version 3.0.3, we recommend that you install Common Services from your Security Manager 3.0 installation DVD so that all required patches are installed automatically. See the installation guide for the Security Manager version that you use: http://www.cisco.com/en/US/products/ps6498/prod_installation_guides_list.html.

c. Install Performance Monitor. See Installing Performance Monitor.

Step 6 (Optional) If you are importing the attributes of routers from the CSV file into your Performance Monitor device inventory:

a. Open the CSV file in a text editor.

b. Edit the attributes for every router to insert the HTTPS username in column 15 and the HTTPS password in column 16, as shown in this example:

Unedited (Monitoring Center for Performance)	Edited (Performance Monitor)
10.77.211.6,,,,,,,,public,,,,,,,,,,,,,, 10.77.211.22,,,,,,,,public,,,,,,,,,,,,,,	10.77.211.6,,,,,,,,public,,,,,,admin,lab,,,,,,, 10.77.211.22,,,,,,,,public,,,,,,,,,,,,,,

c. Save a copy of the edited CSV file.

Step 7 To learn how to import device attributes from a CSV file, see the "Using the Importing Devices Wizard to Import or Add Devices" topic in the Performance Monitor online help.

---

Uninstalling and Reinstalling Performance Monitor

---

Note To learn which data files are essential to Common Services operation and understand how to archive that data, see the Common Services online help or read the documentation on Cisco.com. We recommend that you back up copies of all essential data files from your server before you uninstall or reinstall Performance Monitor.

---

To uninstall or reinstall applications on your server, see:

•Uninstalling Performance Monitor

•Reinstalling Performance Monitor

Uninstalling Performance Monitor

---

Caution A server that is infected with a virus might be unstable after you uninstall software from it and reboot. If your server is not stable after an uninstallation and reboot, we recommend that you scan it for viruses and other kinds of malware.

---

Before You Begin

If any version of Windows Defender (which was known in its public beta test versions as both Microsoft AntiSpyware and Giant AntiSpyware) is installed, disable it before you uninstall Performance Monitor. Otherwise, the uninstallation application cannot run.

---

Step 1 Select Start > Programs > Cisco Security Manager > Uninstall Cisco Security Manager.

Step 2 From the list of applications, select Cisco Performance Monitor.

Step 3 (Optional) Select any other components to uninstall.

Step 4 Click Next twice.

The uninstaller removes Performance Monitor and every other component that you selected.

---

Note If a Windows command line prompt window is open in \CSCOpx\bin when you uninstall Performance Monitor, the uninstaller cannot delete \CSCOpx\bin. In this case, you can choose whether and how to delete the directory.

---

Step 5 Only after you uninstall Performance Monitor, Common Services, and all related applications, assuming that you uninstall all server applications:

a. If a folder exists at C:\Program Files\CSCOpx, delete, move, or rename the folder.

b. If the C:\CMFLOCK.TXT file exists, delete it.

c. Use a Registry editor to delete these Registry entries before you reinstall Performance Monitor or any related applications:

•My Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Cisco\Resource Manager

•My Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Cisco\MDC

---

Tip Although no reboot is required, we recommend that you reboot the server after an uninstallation so that Registry entries and running processes on the server are in a suitable state for a future reinstallation.

---

---

Note If the uninstallation causes an error, see the "Troubleshooting the Installation" chapter in Installation and Setup Guide for CiscoWorks Common Services 3.0.3 (Includes CiscoView) on Windows: http://www.cisco.com/en/US/products/sw/cscowork/ps3996/
products_installation_guide_chapter09186a008052ff07.html.

---

Step 6 (Optional) If you disabled Windows Defender before uninstalling Performance Monitor, reenable it now.

---

Reinstalling Performance Monitor

---

Caution Although the Security Manager installation utility performs a full, mandatory backup automatically if you use it to reinstall Security Manager, AUS, or Common Services, no such backup occurs when you use the Performance Monitor installation utility to reinstall Performance Monitor. We recommend that you follow the backup instructions in the Common Services online help before you reinstall Performance Monitor.

---

---

Note•If you install Common Services and Performance Monitor on a server, then reinstall Common Services later, you must also reinstall Performance Monitor.

•During reinstallation, you might see a warning message that says:

The application that you are installing requires new tasks to be registered with ACS. 
If you have already registered this application with ACS from another server, you do 
not need to register it again. However if you re-register the application, you will 
lose any custom roles that you had created earlier for this application in ACS.

In this case, log in to your Cisco.com account and see "CiscoWorks-ACS Task Registration During Upgrade and Re-installation" in Installation and Setup Guide for CiscoWorks Common Services 3.0.3 (Includes CiscoView) on Windows, at http://www.cisco.com/en/US/products/sw/cscowork/
ps3996/products_installation_guide_chapter09186a008052ff0c.html#wp1192068.

---

To reinstall Performance Monitor or related applications, see Installing Performance Monitor.

Resolved Problems

Table 3 lists problems that have been resolved since the release of Monitoring Center for Performance 2.0.2 on Windows. To obtain more information about a resolved problem, click the ID number or use the Cisco Software Bug Toolkit at http://www.cisco.com/cgi-bin/Support/Bugtool/home.pl.

Table 3 Resolved Problems in Cisco Performance Monitor 3.0

CSCec05521 — Notifications are sent only on default ports

CSCec56300 — User-defined groups display on every report page

CSCed74579 — Find and Search do not work in the event browser

CSCed78301 — Event browser does not include errors from a VPN services module

CSCee39642 — Authorization not enforced properly when using ACS server

CSCee54033 — Cannot use ~ and ^ characters in the device read community string

CSCef77126 — Import of Cisco IOS router fails when using the loopback IP address

CSCsa10214 — Error when using ACS for AAA but user does not exist on the ACS server

CSCsa14572 — The MCP and McpDbEngine processes are both down

CSCsa45319 — Fields are empty in the Report page

CSCsa64688 — No support for ISR routers in Performance Monitor

CSCsb05674 — Cannot delete duplicate devices

Known Problems

This section describes problems known to exist in this release of Performance Monitor.

---

Note•The problems and other issues in the following tables are known to affect Performance Monitor 3.0. However, some of the problems were found in releases of Monitoring Center for Performance 2.x, so their descriptions or headlines might contain obsolete terms and references. Any such terms and references apply to Performance Monitor as well.

•To obtain more information about known problems, click the ID number or use the Cisco Software Bug Toolkit at http://www.cisco.com/cgi-bin/Support/Bugtool/home.pl. (You will be prompted to log into Cisco.com.)

---

Table 4 Performance Monitor 3.0 Known Problems 

CSCeb57907 — Cannot import an SSL service module from a CSV file Description: If you try to import a CSV file that contains the IP address of an SSL service module, the SSL service module is not validated.

CSCec17725 — SNMP version 2 traps are required for interface-down events Description: If you use SNMP version 1 traps for linkUp and linkDown, Performance Monitor cannot generate events in response to changes to the state of an interface.

CSCec28656 — 32 KB-rows in a User Session report take 5 minutes or more to load Description: If the search result is more than 10,000 entries, the User Session report takes 5 minutes or more to load.

CSCec28918 — User logged in once but two sessions are displayed in the report Description: The User Session report displays two sessions for the same user even though the user logged in only once within the time selected for the report.

CSCec49471 — User session state marked Active instead of Completed Description: If a completed user session remains in an active state, the User Session report shows two or more sessions with the same username, IP address, and VPN device name.

CSCed36700 — STS: no CPU/mem usage for 831/803 with 12.3(2)T and 12.3(5b) Description: CPU usage values are not available for a Cisco 800 Series router. A known problem in Cisco IOS prevents Performance Monitor from displaying these statistics.

CSCed57697 — Page Not Found error appears when you start Performance Monitor Description: You see a Page Not Found error when you try to start Performance Monitor from a supported browser.

CSCed68244 — Performance Monitor cannot clear Interface State event in PIX failover Description: If a PIX device is configured as part of a failover pair, Performance Monitor misinterprets some of the syslog information it receives.

CSCee59388 — Cannot see load-balancing Interface Down event Description: The load-balancing Interface Down event is not displayed in the event browser.

CSCeh54686 — A multi-homed Performance Monitor server cannot monitor imported devices Description: If your Performance Monitor server has more than one NIC, you cannot monitor devices that you import.

CSCsa48691 — Import operation does not seem to finish Description: After you import a device, the GUI describes the status as Running and the import does not seem to finish.

CSCsc43213 — Performance Monitor doesn't discover all security contexts Description: Some security contexts (virtual firewalls) do not appear if you select Monitor > Firewall.

CSCsc95585 — Different CPU usage shown for PIX in STS and Firewall monitoring pages Description: The reported CPU usage levels for a PIX appliance show different values under Monitor > Site-to-Site and Monitor > Firewall because we use two polling methods instead of one.

CSCsd28035 — Tunnel table is empty for Easy VPN server Description: If you select Monitor > Site-to-Site VPN, then click Tunnels in the TOC, the displayed information does not include Easy VPN tunnels that are configured on IOS routers.

CSCse11165 — No memory usage data available for VPN 3000 concentrators Description: VPN 3000 Series concentrators do not provide any way to poll memory usage statistics. Therefore, if you select Monitor > Site-to-Site VPN, the displayed Memory Usage % value for these concentrators is always zero.

CSCse17747 — SNMP access outage on VPN SPA doesn't generate event Description: Performance Monitor does not display any Critical Problems or events to show that it has stopped polling a VPN Shared Port Adapter (VPN SPA) on which SNMP community string values have changed.

CSCse61189 — An error message misrepresents how you obtain a valid license file Description: An error message tells you to obtain a Performance Monitor license from Cisco.com, but your license file is on your Security Manager installation DVD.

CSCsc95489 — Unable to monitor Easy VPN tunnels on PIX 6.3 Description: If you select Monitor > Remote Access VPN, the displayed information does not include Easy VPN tunnels that are configured on PIX 6.3 devices.

CSCsj19705—License error with Perf. Monitor 3.0 on a Security Manager 3.0.2 server Description: If you choose the free evaluation license when you perform a fresh installation of Performance Monitor 3.0 on a server running Security Manager 3.0.2, an invalid license error is displayed when you start Performance Monitor from the Cisco Security Management Suite page.

Related Documentation

Table 5 describes product documentation that is available for Cisco Security Manager and related applications. For information on ordering printed documents, see Obtaining Documentation.

Table 5 Product Documentation 

Document Title	Available Formats
Cisco Security Manager 3.0; Cisco IPS Manager 3.0; Cisco Auto Update Server 3.0
Installation Guide for Cisco Security Manager 3.0	•PDF on the product DVD-ROM. •On Cisco.com at this URL: http://www.cisco.com/en/US/products/ps6498/products_installation_guide_book09186a008063d58b.html
User Guide for Cisco Security Manager 3.0	•PDF on the product DVD-ROM. •On Cisco.com at this URL: http://www.cisco.com/en/US/products/ps6498/products_user_guide_book09186a008063df7d.html
Supported Devices and Software Versions for Cisco Security Manager 3.0	On Cisco.com at this URL: http://www.cisco.com/en/US/products/ps6498/products_device_support_table09186a008064135c.html
FAQs and Troubleshooting Guide for Cisco Security Manager 3.0	On Cisco.com at this URL: http://www.cisco.com/en/US/products/ps6498/prod_troubleshooting_guide_book09186a008063fb75.html
Migrating from CiscoWorks VPN/Security Management Solution to Cisco Security Manager	On Cisco.com at this URL: http://www.cisco.com/en/US/products/ps6498/products_upgrade_guides_book09186a008063ea05.html
User Guide for Auto Update Server 3.0	On Cisco.com at this URL: http://www.cisco.com/en/US/products/ps6498/products_user_guide_book09186a00805c83a7.html
Supported Devices and Software Versions for Auto Update Server 3.0	On Cisco.com at this URL: http://www.cisco.com/en/US/products/ps6498/products_device_support_table09186a0080631344.html
User Guide for Cisco IPS Manager 3.0	On Cisco.com at this URL: http://www.cisco.com/en/US/products/ps6498/products_user_guide_book09186a008064065d.html
Context-sensitive online help	Click the Help button in a window or dialog box.
Cisco Performance Monitor 3.0
Installation and Release Notes for Cisco Performance Monitor 3.0 (this document)	On Cisco.com at this URL: http://www.cisco.com/en/US/products/ps6498/products_release_and_installation_notes09186a00806baa3b.html
User Guide for Cisco Performance Monitor 3.0	On Cisco.com at this URL: http://www.cisco.com/en/US/products/ps6498/products_user_guide_book09186a00806b7a60.html
Supported Devices and Software Versions for Cisco Performance Monitor 3.0	On Cisco.com at this URL: http://www.cisco.com/en/US/products/ps6498/products_device_support_table09186a00806b7da7.html
Context-sensitive online help	Click the Help button in a window or dialog box.

Obtaining Documentation

Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems.

Cisco.com

You can access the most current Cisco documentation at this URL:

http://www.cisco.com/techsupport

You can access the Cisco website at this URL:

http://www.cisco.com

You can access international Cisco websites at this URL:

http://www.cisco.com/public/countries_languages.shtml

Product Documentation DVD

The Product Documentation DVD is a comprehensive library of technical product documentation on a portable medium. The DVD enables you to access multiple versions of installation, configuration, and command guides for Cisco hardware and software products. With the DVD, you have access to the same HTML documentation that is found on the Cisco website without being connected to the Internet. Certain products also have .PDF versions of the documentation available.

The Product Documentation DVD is available as a single unit or as a subscription. Registered Cisco.com users (Cisco direct customers) can order a Product Documentation DVD (product number DOC-DOCDVD= or DOC-DOCDVD=SUB) from Cisco Marketplace at this URL:

http://www.cisco.com/go/marketplace/

Ordering Documentation

Registered Cisco.com users may order Cisco documentation at the Product Documentation Store in the Cisco Marketplace at this URL:

http://www.cisco.com/go/marketplace/

Nonregistered Cisco.com users can order technical documentation from 8:00 a.m. to 5:00 p.m. (0800 to 1700) PDT by calling 1 866 463-3487 in the United States and Canada, or elsewhere by calling 011 408 519-5055. You can also order documentation by e-mail at tech-doc-store-mkpl@external.cisco.com or by fax at 1 408 519-5001 in the United States and Canada, or elsewhere at 011 408 519-5001.

Documentation Feedback

You can rate and provide feedback about Cisco technical documents by completing the online feedback form that appears with the technical documents on Cisco.com.

You can submit comments about Cisco documentation by using the response card (if present) behind the front cover of your document or by writing to the following address:

Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Cisco Product Security Overview

Cisco provides a free online Security Vulnerability Policy portal at this URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

From this site, you will find information about how to:

•Report security vulnerabilities in Cisco products.

•Obtain assistance with security incidents that involve Cisco products.

•Register to receive security information from Cisco.

A current list of security advisories, security notices, and security responses for Cisco products is available at this URL:

http://www.cisco.com/go/psirt

To see security advisories, security notices, and security responses as they are updated in real time, you can subscribe to the Product Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed. Information about how to subscribe to the PSIRT RSS feed is found at this URL:

http://www.cisco.com/en/US/products/products_psirt_rss_feed.html

Reporting Security Problems in Cisco Products

Cisco is committed to delivering secure products. We test our products internally before we release them, and we strive to correct all vulnerabilities quickly. If you think that you have identified a vulnerability in a Cisco product, contact PSIRT:

•For Emergencies only — security-alert@cisco.com

An emergency is either a condition in which a system is under active attack or a condition for which a severe and urgent security vulnerability should be reported. All other conditions are considered nonemergencies.

•For Nonemergencies — psirt@cisco.com

In an emergency, you can also reach PSIRT by telephone:

•1 877 228-7302

•1 408 525-6532

---

Tip We encourage you to use Pretty Good Privacy (PGP) or a compatible product (for example, GnuPG) to encrypt any sensitive information that you send to Cisco. PSIRT can work with information that has been encrypted with PGP versions 2.x through 9.x.

Never use a revoked or an expired encryption key. The correct public key to use in your correspondence with PSIRT is the one linked in the Contact Summary section of the Security Vulnerability Policy page at this URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

The link on this page has the current PGP key ID in use.

If you do not have or use PGP, contact PSIRT at the aforementioned e-mail addresses or phone numbers before sending any sensitive material to find other means of encrypting the data.

---

Obtaining Technical Assistance

Cisco Technical Support provides 24-hour-a-day award-winning technical assistance. The Cisco Technical Support & Documentation website on Cisco.com features extensive online support resources. In addition, if you have a valid Cisco service contract, Cisco Technical Assistance Center (TAC) engineers provide telephone support. If you do not have a valid Cisco service contract, contact your reseller.

Cisco Technical Support & Documentation Website

The Cisco Technical Support & Documentation website provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The website is available 24 hours a day, at this URL:

http://www.cisco.com/techsupport

Access to all tools on the Cisco Technical Support & Documentation website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this URL:

http://tools.cisco.com/RPF/register/register.do

---

Note Use the Cisco Product Identification (CPI) tool to locate your product serial number before submitting a web or phone request for service. You can access the CPI tool from the Cisco Technical Support & Documentation website by clicking the Tools & Resources link under Documentation & Tools. Choose Cisco Product Identification Tool from the Alphabetical Index drop-down list, or click the Cisco Product Identification Tool link under Alerts & RMAs. The CPI tool offers three search options: by product ID or model name; by tree view; or for certain products, by copying and pasting show command output. Search results show an illustration of your product with the serial number label location highlighted. Locate the serial number label on your product and record the information before placing a service call.

---

Submitting a Service Request

Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3 and S4 service requests are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Service Request Tool provides recommended solutions. If your issue is not resolved using the recommended resources, your service request is assigned to a Cisco engineer. The TAC Service Request Tool is located at this URL:

http://www.cisco.com/techsupport/servicerequest

For S1 or S2 service requests, or if you do not have Internet access, contact the Cisco TAC by telephone. (S1 or S2 service requests are those in which your production network is down or severely degraded.) Cisco engineers are assigned immediately to S1 and S2 service requests to help keep your business operations running smoothly.

To open a service request by telephone, use one of the following numbers:

Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553-2447

For a complete list of Cisco TAC contacts, go to this URL:

http://www.cisco.com/techsupport/contacts

Definitions of Service Request Severity

To ensure that all service requests are reported in a standard format, Cisco has established severity definitions.

Severity 1 (S1)—An existing network is down, or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.

Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of your business operations are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.

Severity 3 (S3)—Operational performance of the network is impaired, while most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.

Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.

Obtaining Additional Publications and Information

Information about Cisco products, technologies, and network solutions is available from various online and printed sources.

•The Cisco Product Quick Reference Guide is a handy, compact reference tool that includes brief product overviews, key features, sample part numbers, and abbreviated technical specifications for many Cisco products that are sold through channel partners. It is updated twice a year and includes the latest Cisco offerings. To order and find out more about the Cisco Product Quick Reference Guide, go to this URL:

http://www.cisco.com/go/guide

•Cisco Marketplace provides a variety of Cisco books, reference guides, documentation, and logo merchandise. Visit Cisco Marketplace, the company store, at this URL:

http://www.cisco.com/go/marketplace/

•Cisco Press publishes a wide range of general networking, training and certification titles. Both new and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press at this URL:

http://www.ciscopress.com

•Packet magazine is the Cisco Systems technical user magazine for maximizing Internet and networking investments. Each quarter, Packet delivers coverage of the latest industry trends, technology breakthroughs, and Cisco products and solutions, as well as network deployment and troubleshooting tips, configuration examples, customer case studies, certification and training information, and links to scores of in-depth online resources. You can access Packet magazine at this URL:

http://www.cisco.com/packet

•iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies learn how they can use technology to increase revenue, streamline their business, and expand services. The publication identifies the challenges facing these companies and the technologies to help solve them, using real-world case studies and business strategies to help readers make sound technology investment decisions. You can access iQ Magazine at this URL:

http://www.cisco.com/go/iqmagazine

or view the digital edition at this URL:

http://ciscoiq.texterity.com/ciscoiq/sample/

•Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:

http://www.cisco.com/ipj

•Networking products offered by Cisco Systems, as well as customer support services, can be obtained at this URL:

http://www.cisco.com/en/US/products/index.html

•Networking Professionals Connection is an interactive website for networking professionals to share questions, suggestions, and information about networking products and technologies with Cisco experts and other networking professionals. Join a discussion at this URL:

http://www.cisco.com/discuss/networking

•World-class networking training is available from Cisco. You can view current offerings at this URL:

http://www.cisco.com/en/US/learning/index.html

CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0601R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

© 2002-2006 Cisco Systems, Inc. All rights reserved.