FAQ and Troubleshooting Guide for Cisco Security Manager 3.2
Index
Downloads: This chapterpdf (PDF - 399.0KB) The complete bookPDF (PDF - 4.01MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - G - H - I - L - M - N - O - P - Q - R - S - T - U - V - W -

Index

A

AAA

accounting not implemented on SSL VPN 9-8

discovered configuration not displayed 6-5

discovering servers with server-private command 6-5

method lists partially discovered 6-5

name changes when discovering policies 6-13

name changes when discovering rules 6-9

removing aaa new-model command 9-7

access control lists (ACLs)

creating during IOS IPS configuration 8-3

deployment errors on FWSMs 12-7

handling names during discovery 6-3

name changes during discovery 6-9

names preserved during discovery 6-6

naming conventions 6-7

resolving naming conflicts 6-7

using ACL manager 12-6

access rule lookup

deployed changes

synchronization with 13-7

device software versions

supported for 13-8

devices with multiple contexts

prerequisites for 13-12

error message 13-4

from MARS

without Security Manager client running 13-8

syslogs supported for

by firewall devices 13-11

with Security Manager client active

in non-Workflow mode 13-8

in Workflow mode 13-8

access rules

cannot save combined rules 7-3

events lookup

large number of hashcodes 13-14

warning message 13-15

hashcodes

accuracy of syslog matches 13-17

modified

after read-only policy display 13-5

not synchronized with device 13-4

object grouping

events lookup and 13-17

on higher security interface, inbound

policy lookup 13-4

on lower security interface, inbound

policy lookup 13-4

policy query icon 13-4

on lower security interface, outbound

policy lookup 13-4

optimization

events lookup and 13-17

unavailable on the device

for MARS syslogs 13-4

activities

in an editable state

and policy table lookup from MARS 13-8

policy table lookup

with Security Manager client active 13-8

address pools

deployment failure 9-7

on same subnet as interface 9-8

overriding in connection profiles 9-7

ADSL policies

unable to deploy 10-4

approvers

associating with user account

for policy lookup from MARS 13-9

ASA devices

with multiple contexts

and policy lookup from MARS 13-12

MARS events lookup 13-14

prerequisite for policy table lookup 13-12

authentication

of MARS for policy lookup

Security Manager deleted from MARS 13-7

authentication settings

for events lookup

Security Manager credentials 13-16

authorization

changes in ACS for devices 3-3

Auto Update Server (AUS)

discovering policies 6-3

failure during deployment 12-10

B

browser settings

reusing windows

for events lookup 13-15

C

Catalyst switches and 7600 devices

adding 6503-E devices 11-1

discovering failover pairs 11-2

discovering policies on security contexts 6-4

IDSM support 11-2

interface deployment failure 11-3

internal VLAN deployment failure 11-3

migrating to 3.2 11-2

performing rollback 11-3

supported modes 11-1

supported VACLs 11-2

troubleshooting 11-1

undefined VLANs 11-2

changes, out-of-band 12-4

Cisco Marketplace 1-x

Cisco Networking Services (CNS)

debugging IOS device 5-9

debugging PIX device 5-9

deployment failures to PIX device 5-8

device id not connected error 5-8

device name does not exist error 5-8

discovery failure for IOS device 5-9

event mode router does not appear 5-9

first deployment to PIX fails 5-8

InvalidParameterException error 5-7

troubleshooting device setup 5-7

Cisco Press 1-x

Cisco Product Quick Reference Guide, obtaining 1-x

Cisco product security

PSIRT 1-x

vulnerability policy portal 1-x

Cisco Secure ACS (ACS)

adding multihomed devices 3-4

authentication fails 3-2

changes not appearing in Security Manager 3-3

devices not appearing in Security Manager 3-3

effect on policy discovery 6-3

read-only access for system administrators 3-2

restoring access 3-4

updating device credentials in Security Manager 3-5

using multiple versions of Security Manager 3-1

working after ACS becomes unreachable 3-3

Cisco Secure ACS roles

policy table lookup from MARS 13-9

Cisco Security Agent

already installed on server 4-1, 11-2

co-existing with IPS systems 4-2

error message in event log 4-2

frequently asked questions 4-1

reinstalling bundled version 4-1

client installation

troubleshooting 2-6

client log files

locating 2-2

CNS

lists applied to wrong SSL VPN context 9-8

combining rules

cannot save changes 7-3

Common Services

MARS user account, creating 13-7

MARS user not defined in

policy lookup 13-11

user account not defined in

logging in to MARS 13-11

Common Services roles

policy table lookup from MARS 13-9

communication, device

troubleshooting 5-1

configuration ownership 12-4

configuration rollback

cannot connect to a Cisco IOS router after 5-2

performing reload 12-8

configure replace command 12-8

connection profiles

sharing among multiple ASAs 9-7

connection-related messages

generated by

outbound traffic, policy lookup 13-4, 13-5

connection teardown messages

2-minute gap with

connection setup 13-3

in a different session from setup 13-3

realtime event viewer 13-3

connectivity test

between MARS and Security Manager

configuring administrative host 13-10

correct credentials 13-10

error message 13-7, 13-10

success 13-7, 13-10

console port

name changes during discovery 6-14

Context Data events

on IPS and IDS sensors

policy query icon and 13-5

cross-launch authentication settings

for events lookup

disabling saving of credentials 13-16

using MARS login credentials 13-16

using Security Manager credentials 13-16

custom signatures

policy lookup for 13-10

D

Daemon Manager

not running on Security Manager

policy table lookup 13-11

deleting

referenced interfaces 10-2

deployment

ADSL deployment failures 10-4

Catalyst interface settings 11-3

Catalyst internal VLANs 11-3

changing default deployment methods 12-6

determining method to use 12-3

devices with same IP address 5-7

duplicate SSL VPN gateway failure 9-7

errors with ACLs 12-7

failure due to overlapping pools 9-7

failure due to pools not on interface subnet 9-8

failures with AUS-managed devices 12-10

failure when modifying WINS master server 9-8

failure when port forwarding list removed 9-8

fixing an OS version mismatch 12-4

ignoring errors 12-7

IOS errors 12-6

IOS IPS 8-3

layer 2 interfaces 10-2

maximum number of devices 12-6

mixing methods 12-9

of access rule changes

synchronization with device 13-7

performing immediately after discovery 6-3

PVC deployment failures 10-4

PVC IP protocol mappings 10-4

rolling back configurations 12-4

setting default directory 12-3

SSL handshake failure 12-10

understanding

effects of deploying to files 12-3

full vs. delta configurations 12-6

process 12-2

device communication

FAQs 5-2

loss of contact due to NAT 10-3

routers without K8/K9 crypto image 5-2

troubleshooting 5-1

device configuration

discovering commands 6-3

unable to configure 10-5

device management 12-4

changes that affect the feature set 5-4

changing critical device properties 5-2

image version changes not affecting feature set 5-3

simultaneous operations on device 5-7

Device Properties page

deleting a MARS appliance 13-18

discovering

MARS 13-17

device response

to appear as an error message 12-8

devices

added to MARS only

policy lookup 13-6

changes to ACS authorization not appearing in Security Manager 3-3

signature policies

not discovered 13-14

software versions

supported by MARS and Security Manager 13-8

synchronization with

changed policies 13-7

updating credentials from ACS 3-5

with multiple contexts

Device Properties page 13-12

differing host and context names 13-12

policy query icon 13-12

reporting IP address in MARS 13-12

setting hostname for policy lookup from MARS 13-12

device type

changing 5-4

DHCP

traffic blocked 10-5

diagnostic information

generating 1-1

dialers

name changes during discovery 6-12

discovering

MARS

after deleting 13-18

discovery

Catalyst failover pairs 11-2

devices with same IP address 5-7

invalid certificate error 5-6

of MARS

into Security Manager 13-17

security certificate error 5-6

discovery task

frequently asked questions 6-2

DNS

configuring for SSL VPN 9-7

documentation

on Cisco.com 1-x

ordering 1-x

documentation feedback, sending to Cisco 1-x

E

error message

events lookup from policies

MARS appliance not configured 13-17

testing connectivity

between MARS and Security Manager 13-10

error messages

events lookup from policies

MARS appliance is shut down 13-17

policy table lookup from MARS

access rules not on device 13-4

addition of multiple Security Managers to Local Controller 13-11

connection setup syslog unavailable 13-3

connection teardown events in realtime viewer 13-3

Daemon Manager not running on Security Manager 13-11

device added to MARS only 13-6

implicit permit statement in access rules 13-4, 13-5

modal dialog box open 13-11

RPC connection failure 13-4

unsynchronized changes 13-4

errors

deployment 12-6

event action filter

configuring

during policy table lookup from MARS 13-8

event log

CSA error message 4-2

events lookup

advantages 13-14

browser settings 13-15

device software versions

supported for 13-8

from access rules

ACE hashcodes 13-17

hashcodes 13-17

object grouping 13-17

optimization enabled 13-17

from default signatures 13-14

from policies

error message 13-17

for multiple contexts 13-14

from signatures

for virtual sensors 13-16

F

FAQ

Catalyst switches and 7600 devices 11-1

policy discovery

AAA configuration not displayed 6-5

AAA method lists partially discovered 6-5

AAA servers and server-private command 6-5

deploying after discovering VPN and router policies 6-3

determining results 6-2

device hostnames 6-5

discovering configuration commands 6-3

discovering with AUS 6-3

discovery and ACS 6-3

FWSM and Catalyst security contexts 6-4

how it works 6-2

naming ACLs and object groups 6-3

PIX/ASA security contexts 6-4

redeploying after discovery 6-3

rediscovering existing policies 6-3

unable to submit changes 6-4

using existing policies and objects 6-4

viewing discovered policies 6-2

viewing undiscovered policies 6-2

when to perform 6-2

FAQs

device communication 5-2

firewall services

cli for authentication proxy 7-2

configuring management IP of security contexts 7-2

hit count 7-1

standard ACLs 7-2

losing connection to a device 7-2

negating addresses within a range 7-2

removal of bound ACEs 7-2

unable to deploy using BGP 7-2

validation error on transparent rules 7-2

Firewall Services Module (FWSM)

deployment error 12-7

discovering policies on security contexts 6-4

FWSM

multiple contexts

MARS events lookup 13-14

with multiple contexts

and policy lookup from MARS 13-12

prerequisite for policy table lookup 13-12

G

gateways

sharing address and port 9-7

Global Controller

adding to

Security Manager 13-14

policy query icon for events 13-11

policy table lookup and 13-11

viewing Security Manager server from 13-11

group-policy

removing SSL VPN definitions 9-9

H

hashcodes

ACE

accuracy of syslog matches 13-17

supported device OS versions 13-17

in large access rules

looking up events 13-14

Help Desk role

policy table lookup and 13-9

historical events

filtering time 13-14

lookup from policies

running query manually 13-14

policy lookup

error message 13-4

historical events lookup

device versions

supported for 13-8

hostnames

effect on policy discovery 6-5

HTTP

name changes during discovery 6-14

HTTPS mode

determining 2-2

I

idle timeout

exceeded for MARS session

without Security Manager client open before lookup 13-6

with Security Manager login credentials for lookup 13-6

IDSM

support limitations 11-2

IDS sensors

Context Data events

and signature policy lookup 13-5

Packet Data events

and signature policy lookup 13-5

ignore error message

configure Security Manager to 12-8

image version

changes that affect the feature set 5-4

implicit permit

configured in access rules

lookup from MARS events 13-4, 13-5

inspection rules

name changes during discovery 6-10

installation

troubleshooting 2-6

Internet Explorer

accessing MARS GUI using

for access rule lookup 13-8

cached passwords

policy table lookup 13-8

remembered passwords

policy table lookup 13-8

IOS 12.1 and 12.2

configuring in Security Manager 10-1

IOS 12.4(11)T

address pool deployment failure 9-8

CNS problem with SSL VPN contexts 9-8

IOS 12.4(9)T

AAA accounting failure 9-8

port forwarding list deployment failure 9-8

WINS master server deployment failure 9-8

IP mappings

unable to deploy 10-4

IPS

co-existing with CSA 4-2

creating ACLs 8-3

deploying 8-3

importing 5.0 sensors 8-1

performing updates 8-2

provisioning trusted hosts 8-3

retrieving signature updates 8-1

signature updates 8-3

updating IOS IPS crypto configurations 8-2

IPS sensors

Context Data events

and signature policy lookup 13-5

Packet Data events

and signature policy lookup 13-5

IPS signature policy lookup

device software versions

supported for 13-8

event action filter, configuring 13-8

for MARS events of type

Context Data 13-5

Packet Data 13-5

from MARS

without Security Manager client running 13-8

with Security Manager client active

in non-Workflow mode 13-8

in Workflow mode 13-8

IPS virtual sensors

signature policy lookup

from MARS events 13-5

L

license

SSL VPN import 9-7

line access

name changes during discovery 6-14

Local Controller

adding

multiple Security Manager servers to 13-11

one Security Manager server to 13-11

adding multiple

to Security Manager 13-14

logging

disabled for permit ACEs

events lookup 13-15

logging in to

MARS

using an account not defined in Common Services 13-11

Security Manager

after error during policy lookup 13-4

using a different account from the one in MARS 13-7

logging level

changing for firewalls

and syslogs in MARS 13-11

login credentials

of Security Manager

saved in MARS during policy lookup 13-12

login credentials, Security Manager

authenticating MARS

Security Manager deleted from MARS 13-7

editing

from User Configuration page in MARS 13-7

using a different account from the one in MARS

for policy lookup 13-7

looking up

events from signatures

for virtual sensors 13-16

MARS events

advantages 13-14

from default signature 13-14

from large access rules 13-14

M

management IP address

defining for multiple contexts

events lookup 13-14

MARS

adding Security Manager to

users with admin privileges 13-9

committed view

of Security Manager policy 13-7

deployed view

of Security Manager policy 13-7

downloading Security Manager 13-6

policy table lookup

time taken for 13-10

with Security Manager client not running 13-8

with Security Manager in non-Workflow mode 13-8

with Security Manager in Workflow mode 13-8

starting a new instance of Security Manager

with client session active 13-7

starting Security Manager for policy lookup

using Security Manager credentials 13-7

User Configuration page

Security Manager credentials 13-7

MARS appliance

automatic mapping

with Security manager 13-18

deleting

from Security Manager 13-18

not associated with monitored device

in Security Manager 13-17

shutting down

events lookup 13-17

testing connectivity

with Security Manager 13-7, 13-10

version 4.3.4, 5.3.4

adding to Security Manager 13-14

MARS authentication

with Security Manager for policy lookup

deleting Security Manager from MARS 13-7

editing Security Manager credentials in MARS 13-7

MARS database

deleting

Security Manager server from 13-7

saving Security Manager credentials

during policy lookup 13-6

MARS events

for connection teardown

in realtime event viewer 13-3

generated by custom signatures

and policy lookup 13-10

of type

Context Data 13-5

Packet Data 13-5

MARS Global Controller

See Global Controller

MARS GUI

accessing using

Internet Explorer, note 13-8

MARS Local Controller

See Local Controller

MARS session

idle timeout, exceeding

using Security Manager credentials for policy lookup 13-6

MARS user account

defining in Common Services

for policy lookup 13-7

not defined in Common Services

prompting for credentials 13-11

MARS user roles

Admin

editing Security Manager credentials 13-7

for modifying Security Manager credentials 13-9

Notifications Only 13-9

Operator 13-9

Security Analyst

editing Security Manager credentials 13-7

MARS web interface

policy table lookup

with Security Manager not installed 13-6

max-webvpn-session-limit

cannot be imported 9-7

MD5 hashcodes

See hashcodes

modal dialog box

looking up policy table

from MARS 13-11

N

NAC

deployment fails 10-7

name changes during discovery 6-15

posture validation not occurring 10-7

NAT

discovering rules with route maps 10-3

name changes during discovery 6-11

VPN traffic sent unencrypted 10-3

navigating

from multiple signature IDs

to historical events in MARS 13-17

to realtime events in MARS 13-17

from policies

to MARS events, advantages 13-14

network administrators

associating with user account

for policy lookup from MARS 13-9

Networking Professionals Connection 1-x

network operators

associating with user account

for policy lookup from MARS 13-9

non-Workflow mode

policy table lookup

from MARS events 13-8

with Security Manager client active 13-8

number of rules 13-10

O

object groups

enabled for access rules

MARS events lookup 13-17

object-groups

name changes during discovery 6-8

objects

expanding contents

in MARS event query 13-14

query criteria in MARS 13-14

using existing objects during discovery 6-4

online help

loading 2-5

preserving search results 2-6

operational mode

changing 5-4

OS version mismatch

fixing 12-4

out-of-band changes

resolving 12-4

P

Packet Data events

huge syslog messages 13-5

on IPS and IDS sensors

policy query icon and 13-5

parsing

invalid syslog messages

13-4

passwords

encrypted passwords on routers 10-2

peer support, Networking Professionals Connection 1-x

performance

of MARS

number of rules 13-10

of Security Manager 13-10

PIX/ASA devices

discovering policies on security contexts 6-4

discovering policies when using AUS 6-3

PIX firewalls

multiple contexts

MARS events lookup 13-14

PIX object groups

handling names during discovery 6-3

policies

policy discovery FAQ 6-2

rediscovery and current assignments 6-3

using existing policies during discovery 6-4

policy discovery

AAA commands not displayed in AAA policy 6-5

AAA method lists partially discovered 6-5

AAA servers and server-private command 6-5

deploying after discovering VPN and router policies 6-3

determining results 6-2

device hostnames 6-5

discovering configuration commands 6-3

discovering with AUS 6-3

discovery and ACS 6-3

frequently asked questions 6-2

FWSM and Catalyst security contexts 6-4

how it works 6-2

naming ACLs and object groups 6-3

NAT rules with route maps 10-3

negated SSL VPN policies 6-5

PIX/ASA security contexts 6-4

preserving ACL names 6-6

redeploying after discovery 6-3

rediscovering existing policies 6-3

resource names changed during discovery 6-8

unable to submit changes 6-4

undiscovered VPN features 6-6

using existing policies and objects 6-4

viewing discovered policies 6-2

viewing undiscovered policies 6-2

when to perform 6-2

while deploying to device 6-5

policy lookup 13-3

policy lookup from MARS 13-7

policy query icon

for access rules

not found on the device 13-4

for Context Data events 13-5

for devices with multiple contexts

without reporting IP address 13-12

for events in Global Controller 13-11

for Packet Data events 13-5

for Unknown Device Event Type

triggered by custom signatures 13-10

for unsupported syslog IDs 13-3

policy query login dialog box

saving Security Manager credentials 13-12

Policy Query popup window

See read-only policy table

policy table lookup

devices with multiple contexts

prerequisites for 13-12

error message 13-11

event action filter, configuring 13-8

MARS user roles 13-9

modal dialog box 13-11

prompting for credentials

MARS user not in Common Services 13-11

time taken for 13-10

with Security Manager client active

in non-Workflow mode 13-8

in Workflow mode 13-8

with Security Manager client not running 13-8

port forwarding list

applied to wrong SSL VPN context 9-8

deployment failure when removed 9-8

PPP

name changes during discovery 6-13

properties, changing critical device 5-2

proxy-bypass interfaces

configured for SSL VPN 9-7

PSIRT 1-x

publications, obtaining additional 1-x

PVC policies

unable to deploy 10-4

Q

quality of service (QoS)

name changes during discovery 6-16

queries

criteria

complexity 13-14

objects in policies 13-14

populated from policies 13-14

expanding objects in MARS 13-14

for historical events

run manually 13-14

for realtime events

run automatically 13-14

Query/Reports tab

identifying incident

for signature policy lookup 13-5

querying

for MARS events from devices

without reporting IP address 13-12

for Unknown Reporting Devices in MARS 13-12

Query page

reusing browser window

during events lookup 13-15

R

read-only policy table

after display of

access rules, modifying 13-5

error message

corrective action 13-6

device added to MARS only 13-6

read-only signature policy page

viewing

Security Manager details 13-9

realtime events

policy lookup

error message 13-4

running query automatically 13-14

realtime events lookup

device versions

supported for 13-8

realtime event viewer

access rule lookup

for connection teardown events 13-3

in MARS

navigating from policies 13-14

reload

after configuration rollback 12-8

Reporting Applications tab

Security Manager user credentials

for initial communication 13-12

using MARS credentials

not defined in Common Services 13-11

reporting IP address

for devices with multiple contexts

policy table lookup 13-12

resources

AAA name changes 6-9

AAA policy name changes 6-13

ACL name changes 6-9

dialer name changes 6-12

dynamic NAT name changes 6-11

HTTP name changes 6-14

inspection rule name changes 6-10

line access name changes 6-14

NAC name changes 6-15

names changed during discovery 6-8

object-group name changes 6-8

PPP name changes 6-13

QoS name changes 6-16

service policy rule name changes 6-11

transparent rule name changes 6-10

rollback 12-4

Catalyst switches and 7600 devices 11-3

performing when deploying to file 12-9

router platform

policy troubleshooting 10-1

device access policies 10-4

device interface policies 10-2

DHCP policies 10-5

DSL policies 10-3

NAC policies 10-6

NAT policies 10-2

PVC policies 10-4

SDP policies 10-5

SNMP policies 10-6

static routing policies 10-7

routers

configuring routers with 12.1 or 12.2 10-1

managing encrypted passwords 10-2

S

security

advisories 1-x

incidents, obtaining assistance 1-x

news from Cisco

registering to receive 1-x

RSS feed URL 1-x

notices 1-x

PSIRT 1-x

vulnerabilities, reporting 1-x

Security Agent installation

troubleshooting 2-6

security certificate

invalid during discovery 5-6

security context

configuring management IP 7-2

security contexts

changing 5-4

deleting configuration file 5-6

discovering policies on FWSM and Catalyst devices 6-4

discovering policies on PIX/ASA devices 6-4

Security Manager client

cleaning server list in Login window 2-2

determining HTTPS mode 2-2

entering server names after installation 2-2

frequently asked questions 2-1

installing on same machine as server 2-2

loading online help 2-5

locating client logs 2-2

reinstalling 2-4

removing locks of another user 2-5

resetting password 2-2

resolving version mismatch 2-2

running in dual-screen mode 2-3

upgrading

from a previous version 2-4

using HTTP 2-3

Security Manager database

corrupted 1-2

troubleshooting 1-2

Security Manager Diagnostics utility

accessing 1-1

Security Manager policy query icon

See policy query icon

Security Manager server

collecting troubleshooting information 1-1

database issues 1-2

installation 1-4

restoring database from files 1-3

restricting access 1-4

unable to launch 1-3

sensor ID

in IPS syslog messages in MARS

for virtual sensors 13-5

service policy rules

name changes during discovery 6-11

service requests

submitting 1-x

services

creating groups from nameless services 7-3

signature policy

default

assigned to devices 13-14

excluded from discovery

empty icon 13-14

not discovered on device

and events lookup 13-14

signatures

default

editing, policy icon 13-14

events lookup 13-14

managing updates 8-3

retrieving updates 8-1

signature summary table

navigating to

historical events in MARS 13-15

realtime events in MARS 13-15

SNMP

removing traps unintentionally 10-6

traps not being sent 10-6

SSL

handshake failure during deployment 12-10

SSL VPN

AAA accounting not implemented 9-8

address pools on interface subnet 9-8

cannot import license information 9-7

detecting overlapping pools 9-7

limitations 9-7

limitations due to OS defects 9-8

lists applied to wrong context 9-8

modifying WINS master server 9-8

need for DNS 9-7

removing aaa new-model command 9-7

removing group policies from PIX/ASAs 9-9

removing port forwarding list 9-8

sharing connection profiles on ASAs 9-7

sharing gateway addresses 9-7

use of proxy-bypass interfaces 9-7

using interface roles 9-7

static routing

deployment fails after upgrade 10-7

floating route not inserted 10-7

support

Networking Professionals Connection 1-x

obtaining from Cisco 1-x

syslog message IDs

for IOS routers

supported for policy lookup from MARS 13-11

supported for policy lookup from MARS

by firewall devices 13-11

unsupported

for policy lookup 13-3

policy query icon 13-3

syslog messages

accuracy of matches

hashcodes 13-17

for IPS events

absence of sensor ID 13-5

for Packet Data events 13-5

system administrators

associating with user account

for policy lookup from MARS 13-9

system log messages

connection teardown

policy lookup, error 13-3

deployed rules

synchronization with device 13-7

generated by access rules

unavailable on device 13-4

invalid format

policy lookup 13-4

T

technical support (TAC)

obtaining 1-x

URL for service requests 1-x

testing

connectivity

between MARS and Security Manager 13-7, 13-10

time consumption

for policy table lookup

number of rules 13-10

with Security Manager client open 13-10

timezone settings

certificate errors 5-6

training, obtaining 1-x

transparent rules

name changes during discovery 6-10

troubleshooting information

generating 1-1

trusted hosts

provisioning 8-3

U

Unknown Device Event Type

custom signatures and 13-10

Unknown Reporting Devices

querying for

in MARS 13-12

URL list

applied to wrong SSL VPN context 9-8

user account

creating a separate one

for policy lookup 13-7

with admin privileges

for adding Security Manager to MARS 13-9

User Configuration page

in MARS

editing Security Manager credentials 13-7

Security Manager credentials disabled 13-7

user credentials

of Security Manager added to MARS

in Reporting Applications tab 13-12

in the User Configuration page 13-12

Reporting Applications tab of MARS

different from those in User Configuration page 13-12

User Configuration page of MARS

authenticating Security Manager 13-12

populated from policy query login dialog box 13-12

user roles

in MARS

editing Security Manager credentials 13-7

modifying Security Manager credentials 13-9

V

version mismatch, resolving 2-2

views

committed 13-7

deployed

policy lookup from MARS 13-7

virtual sensors

signature policy lookup

from MARS events 13-5

VLAN ACLs (VACLs)

supported types 11-2

VLANs

referencing undefined 11-2

VPN

defining multiple CA servers 9-2

defining multiple spoke definitions 9-6

discovering after configuring 9-4

enabling/disabling VRF on Catalyst 6500/7600 9-4

loss of communication with spoke 9-2

negated SSL VPN policies 6-5

PKI with AAA 9-2

SSL VPN limitations 9-7

SSL VPN limitations due to OS defects 9-8

traffic sent unencrypted 10-3

unconfigurable commands when Easy VPN enabled 9-5

undiscovered features 6-6

unneeded Easy VPN policies 9-4

updating routing processes 9-1

vpn sessiondb

cannot be imported 9-7

VTY

name changes during discovery 6-14

W

WINS

modifying master server 9-8

Workflow mode

policy table lookup

editable activities 13-8

from MARS events 13-8

with Security Manager client active 13-8