Installation Guide for Cisco Security Manager 4.3
Index
Downloads: This chapterpdf (PDF - 250.0KB) The complete bookPDF (PDF - 2.34MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - H - I - J - L - M - N - O - P - R - S - T - U - V - W -

Index

A

Access Control Server (ACS)

activating NDG feature 8-19

adding devices as AAA clients without NDGs 8-17

adding managed devices 8-17

adding managed devices and configuring NDGs 8-26

adding multihomed devices 8-31

adding users 8-15

assigning roles to user groups 8-25

assigning roles to user groups with NDGs 8-26

assigning roles to user groups without NDGs 8-25

associating user roles and permissions 8-11

authentication fails 8-28

changes not appearing in Security Manager 8-29

configuring CiscoWorks AAA mode 8-23

configuring network device groups 8-18

configuring SMTP and e-mail for notifications 8-24

creating administration control user 8-20

creating local users in CiscoWorks 8-21

creating network device groups 8-19

customizing user roles 8-10

default roles 8-10

defining system identity user 8-15

devices not appearing in Security Manager 8-30

integrating with Security Manager 8-12

integration checklist 8-14

integration requirements 8-13

performing integration 8-15

performing integration in CiscoWorks 8-21

read-only access for system administrators 8-29

registering Security Manager 8-24

reinstalling server applications 5-3

restarting Daemon Manager 8-25

restoring access 8-30

troubleshooting 8-28

understanding user permissions 8-3

user permissions 8-3

using multiple versions of Security Manager 8-28

working after ACS becomes unreachable 8-30

accounts, user

managing 8-1

required 5-1

antivirus utilities, requirement to disable 4-3

applications

downgrading server 5-15

installing and configuring client 6-1

installing and upgrading server 5-1

logging into 6-10

required changes after upgrading server 5-11

uninstalling server 5-15

upgrading server 5-5

approve permissions 8-5

approver role 8-6

assign permissions 8-5

authorization, changes in ACS for devices 8-29

Auto Update Server (AUS)

installing 5-2

licensing 2-4, 2-7

logging into 6-12

overview 1-2

required user accounts 5-1

server requirements 3-3

uninstalling 5-15

upgrading 5-5

B

backup

committing pending data before performing 5-7

Cygwin limitations A-5

database 5-8

backup/restore upgrade path, definition of 5-5

back up database 5-9

bootstrapping devices 7-8

browsers

configuring required settings 6-1

configuring required settings for Firefox 6-3

configuring required settings for Internet Explorer 6-2

logging into applications 6-12

supported 3-6, 3-10

C

certificates

requirement to create 7-1

troubleshooting 4-3

Cisco Security Agent (CSA)

installing 5-2

upgrading 5-5

Cisco Security Agent, caution while disabled 6-7

Cisco Security Agent, disabling 6-7

CiscoWorks Common Services

assigning roles to users 8-7

associating user roles and permissions 8-11

available user roles 8-6

configuring AAA mode 8-23

creating administration control user in ACS 8-20

creating local user for Cisco Secure ACS 8-21

defining system identity user 8-22

installing 5-2

licensing 2-4, 2-7

logging into 6-12

overview 1-1

performing integration for Cisco Secure ACS 8-21

registering Security Manager with Cisco Secure ACS 8-24

required version 1-1

understanding user permissions 8-3

uninstalling 5-15

upgrading 5-5

client

clearing server list in Login window A-14

log files A-14

operating systems 3-9

requirements 3-9

troubleshooting after installation A-12

troubleshooting installation A-9

Compatibility View 3-6, 3-10, 6-2

control permissions 8-5

Cygwin problems during database backup A-5

D

Daemon Manager

restarting after Cisco Secure ACS integration 8-25

database

backing up 5-8, 5-9

committing pending data before upgrade 5-7

restoring 5-10

date and time settings 3-1, 4-3

deploy permissions 8-5

devices

bootstrapping 7-8

changes to ACS authorization not appearing in Security Manager 8-29

directory encryption, restriction against 3-3

documentation

CommonServices i-xiii

Security Manager, AUS, Performance Monitor i-xiii

domain controllers (primary or backup), unsupported use 3-3

dual-screen setups A-15

E

e-mail address, Security Manager administrator 8-24

encrypted directories, restriction against 3-3

error messages

client installation A-9

server installation A-4

server uninstallation A-8

F

Firefox

cache size requirement 6-4

configuring required settings 6-3

disabling popup blocker 6-4

displaying help in new tab 6-5

editing the preferences file 6-3

enabling Javascript 6-4

supported versions 3-6, 3-10

for more information 7-8

H

help desk user role 8-6

HTTP, configuring non-default port 6-9

HTTPS

configuring non-default port 6-9

determining mode A-14

I

IE 8 Compatibility View 3-6, 3-10, 6-2

import permissions 8-5

indirect upgrade path, definition of 5-5

installation

Security Manager, AUS, Common Services 5-2

Security Manager client 6-6

security settings that prevent client 6-8

troubleshooting client A-9

troubleshooting server A-4

using remote desktop or VNC 5-2

verifying 7-7

Internet Explorer

cache size requirement 6-2

configuring required settings 6-2

security settings 6-2

supported versions 3-6, 3-10

Internet Information Server (IIS), requirement to uninstall 4-2

J

Java requirements 3-6, 3-10

L

language support 3-9

LAN Management Solution (LMS), unsupported use 4-2

LiaisonServlet error, troubleshooting A-6

licenses

Product Authorization Key (PAK) 2-3

Security Manager kit part numbers 2-8

Software License Claim Certificate 2-3

updating 5-13

local upgrade path, definition of 5-5

log files A-17

M

memory (RAM)

client requirements 3-9

modify permissions 8-4

N

Network Access Restriction (NAR) 8-13

network administrator role

Cisco Secure ACS 8-10

CiscoWorks 8-6

network device groups (NDGs)

activating NDG feature 8-19

associating with roles and user groups 8-26

configuring 8-18

creating 8-19

effect on user permissions 8-18

network operator role 8-6

O

operating systems

client 3-9

overview 1-1, 2-1

P

pdshow command 7-2

pending data, committing 5-7

performance

client recommendations 3-9

server best practices 4-1

server recommendations 3-3

Performance Monitor

logging into 6-12

overview 1-3

required user accounts 5-1

server requirements 3-3

uninstalling 5-15

updating licenses 5-13

upgrading 5-5

permissions

assigning roles in CiscoWorks 8-7

associating with user roles 8-11

categories 8-3

customizing for ACS 8-10

impact of NDGs 8-18

understanding 8-3

point patches

applying to a client 6-10

obtaining 5-14

popup blocker

disabling 6-5

disabling for Firefox 6-4

ports

comprehensive list of required TCP/UDP A-2

configuring non-default HTTP/HTTPS 6-9

list of typically required 3-1

processes

restarting server A-17

troubleshooting A-16

verifying 7-2

property files 5-8

R

remote desktop, using for installation 5-2

remote upgrade path, definition of 5-5

requirements

client 3-9

data and time settings 3-1, 4-3

general server 3-1

server 3-3

unsupported server configurations 3-3

Resource Manager Essentials (RME)

logging into 6-12

required user accounts 5-1

server requirements 3-3

uninstalling 5-15

updating licenses 5-13

upgrading 5-5

restorebackup.pl command 5-10

restore database 5-10

roles

Cisco Secure ACS users 8-9

CiscoWorks users 8-5

S

Security 1-2

security

server best practices 4-1

security administrator role 8-10

Security Manager

committing pending data before upgrade 5-7

component applications 1-1

downgrading server 5-15

getting started with 7-8

installing 5-2

logging in using browser 6-12

logging in using client 6-11

overview 1-2

related applications 1-3

required changes after upgrade 5-11

required user accounts 5-1

restarting Daemon Manager 8-25

server requirements 3-3

service startup requirements A-1

troubleshooting interaction with ACS 8-28

uninstalling server 5-15

updating licenses 5-13

upgrading server 5-5

Security Manager client

clearing server list in Login window A-14

configuring non-default HTTP/HTTPS port 6-9

determining HTTPS mode A-14

handling security settings that prevent installation 6-8

installing 6-6

locating client logs A-14

logging into 6-11

patching 6-10

resolving version mismatch A-14

running in dual-screen mode A-15

unable to upgrade 6-9

uninstalling 6-13

server

best practices for security 7-7

date and time settings 3-1, 4-3

general requirements 3-1

performance, best practices for enhancing 4-1

post installation tasks 7-1

preparation checklists 4-1

readiness checklist 4-3

requirements 3-3

security, best practices for enhancing 4-1

troubleshooting post-installation problems A-5

unsupported configurations 3-3

verifying processes 7-2

service packs

applying to a client 6-10

obtaining 5-14

services, minimum required for Windows 4-2

service startup requirements A-1

SMTP, configuring for ACS notifications 8-24

SSL certificate invalidation 4-3

storage, supported SAN 3-7

submit permissions 8-5

Sybase, requirement to disable 4-4

system administrator role 8-6

system identity user 8-15, 8-22

T

TACACS+

selecting as CiscoWorks AAA mode 8-23

using ACS as 8-12

TCP

comprehensive list of required ports A-2

list of typically required ports 3-1

Terminal Services, unsupported configuration 3-3

troubleshooting

ACS configurations 8-28

antivirus scanners 4-2

client after installation A-12

client installation A-9

client installer says old version is installed when it is not A-12

collecting server troubleshooting information A-16

Cygwin prevents backup A-5

dual-screen setups A-15

error messages

client installation A-9

server installation A-4

server uninstallation A-8

host-based intrusion software 4-2

incorrect interface appearance A-5

installation does not run A-15

installation hangs A-5, A-11

invalid SSL certificate 4-3

java.security.cert errors 4-3

LiaisonServlet error A-6

mapped drives A-7

missing product features A-5

overview A-1, C-1

restarting server processes A-17

reviewing installation log files A-17

security settings that prevent installation 6-8

security software conflicts 4-2

server installation A-4

server problems after installation A-5

server processes A-16

server self-test A-15

server uninstall A-8

unable to upgrade client 6-9

uninstallation does not run A-15

uninstallation hangs A-9

typographical conventions in this document i-xii

U

UDP

comprehensive list of required ports A-2

list of typically required ports 3-1

uninstallation

recommendation to restart servers 5-15

Security Manager client 6-13

server applications 5-15

troubleshooting server A-8

upgrade, verifying 7-7

user accounts

admin 5-1

casuser 5-1

creating 5-1

managing 8-1

System Identity 5-2

user permissions

assigning roles in CiscoWorks 8-7

associating with user roles 8-11

categories 8-3

customizing for ACS 8-10

impact of NDGs 8-18

understanding 8-3

user roles

associating with user permissions 8-11

available CiscoWorks user roles 8-6

Cisco Secure ACS 8-9

CiscoWorks 8-5

default ACS roles 8-10

V

version mismatch, resolving A-14

view permissions 8-3, 8-4

VMWare supported versions 3-6

VNC, using for installation 5-2

W

web browsers

configuring required settings 6-1

logging into applications 6-12

supported 3-6, 3-10

Windows services, required 4-2