Table Of Contents

Preface

Objective

Audience

What's New

Document Organization

Document Conventions

Related Documentation

Changes to This Document

Obtaining Documentation and Submitting a Service Request

Preface

---

This preface explains the objectives, intended audience, and organization of Cisco Enterprise Policy Manager Installation and Configuration Guide and describes the conventions that convey instructions and other information.

The preface contains the following sections:

•Objective

•Audience

•Document Organization

•Document Conventions

•Related Documentation

•Changes to This Document

Objective

This document provides a step-by-step procedure for installing and configuring Cisco Enterprise Policy Manager v3.3.0.0 components on Linux, Solaris, and Windows server machines.

Audience

This guide is for administrators who use CEPM and are responsible for resource modelling and entitlement management.

What's New

This section highlights the new steps introduced while installing CEPM comapred to its previous version as given below:

•Now CEPM installation is automated and can be installed via command line tools such as Command Prompt (for Windows) and Terminal (for Linux/Solaris).

•Unlike previous versions, CEPM configuration and creation of database tables are done through automation (that is, by running configure.xml and createtables.xml files). Note that the database procedures must be executed manually.

•While upgrading installation, ruleconversionto33.bat(sh) file must be run to update your existing application with the latest rule creation feature.

•CEPM now supports Oracle 11g. For this, you must use JDK1.6.

•You can provide additional language support and customize the PAP UI labels using CEPM resourcebundles.

Document Organization

This guide contains the following chapters and appendixes:

•Chapter 1, "Cisco EPM Overview"

•Chapter 2, "Installing the CEPM Software"

•Chapter 3, "Common Installation Steps"

•Chapter 4, "Installing PAP and PDP on Windows"

•Chapter 5, "Installing PAP and PDP on Linux/Solaris"

•Chapter 6, "Installing PAP on Windows"

•Chapter 6, "Installing PAP on Windows"

•Chapter 7, "Installing PAP on Linux/Solaris"

•Chapter 9, "Installing PDP on Linux/Solaris"

•Chapter 8, "Installing PDP on Windows"

•Chapter 9, "Installing PDP on Linux/Solaris"

•Chapter 12, "Running CEPM Scripts in DB2 Client"

•Chapter 10, "CEPM Migration Information"

•Chapter 11, "JMS Configuration for PAP-PDP Database Separation"

•Chapter 12, "Running CEPM Scripts in DB2 Client"

•Chapter 13, "Verifying PAP-PDP Installation"

•Chapter 14, "Updating CEPM License"

•Chapter 15, "Troubleshooting CEPM Installation"

•Chapter 16, "Using Connection Pools"

•Chapter 17, "Installing CEPM as a Windows Service on Windows 2003"

•Chapter 18, "SSL Configuration"

•Chapter 19, "Deployment of .war and .ear Files in Application Server"

•Chapter 20, "Executing createtables.sql."

•Chapter 21, "Utilizing CEPM ResourceBundle"

•Appendix A, "Creating tablespace and user in CEPM Database"

Document Conventions

---

Caution Means reader be careful. You are capable of doing something that might result in equipment damage or loss of data.

---

---

Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in this manual.

---

---

Warning This warning symbol means danger. You are in a situation that could cause bodily injury. Before you work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar with standard practices for preventing accidents. To see translations of the warnings that appear in this publication, refer to the Regulatory Compliance and Safety Information document that accompanied this device. Statement 1074

---

Related Documentation

Following documents are available with this release:

Table 1 List of Documents available with CEPM V3.3.0.0 

Documentation Title	Description and Location of the Document in Cisco.com
CEPM User Guide	Provides detailed information about various features and functionalities available in CEPM. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Guide/User_Guide/CEPM_User_Guide.html
CEPM Quickstart Guide	Provides a quick, step-by-step procedure for starting up and using CEPM. This guide also walks you through the setup of a basic application and its resources, the securing of its resources with policies, and the testing of those policies. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Guide/Quick_Start_Guide/CEPM_Quick_Start_Guide.html
CEPM Concept Guide	Provides general information on CEPM architecture and entitlement management. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Guide/Concept_Guide/CEPM_Concept_Guide.html
CEPM Capacity Planning Guide	Discusses the different deployment options that are possible using CEPM. It also recommends the database size depending on the parameters of the application that is being protected by CEPM. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Guide/Capacity_Planning_Guide/CEPM_Capacity_Planning_Guide.html
CEPM Resource Models	Describes concepts related to basic policy-based application entitlement which ensures that a subject accessing a resource (or invoking an action on a resource) is allowed or denied, based on attributes-based rules. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Guide/Resource_Models/CEPM_Resource_Models.html
CEPM Java Developers Guide	Provides guidelines for using the Policy Enforcement Point (PEP) and PAP APIs, and provides instructions for configuring the PEP agent and Java Server Page (JSP) tag libraries. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Developer_Guide/Java_Developer_Guide/CEPM_Java_Developer_Guide.html
CEPM Dotnet Developers Guide	Provides guidelines for using the PEP and PAP APIs, and provides instructions for configuring the PEP agent for dotnet applications. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Developer_Guide/DotNet_Developer_Guide/CEPM_DotNet_Developer_Guide.html
CEPM PAP Configurations Guide	Provides guidelines to configure the PAP configuration parameters available in the pap_config.xml file. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Configuration_Guide/PAP_Configuration_Guide/CEPM_PAP_Configuration_Guide.html
CEPM PDP Configurations Guide	Provides guidelines to configure the PDP configuration parameters available in the pdp_config.xml file. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Configuration_Guide/PDP_Configuration_Guide/EPMPDPConfigs_chap.html
CEPM PEP Configurations Guide	Provides guidelines to configure the PEP configuration parameters available in the pep_config.xml file. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Configuration_Guide/PEP_Configuration_Guide/EPMPEPConfigs_chap.html
CEPM Inprocess PDP Deployment Guide	Provides guidelines for deployment of CEPM In-Process PDP in the stand-alone client-side applications. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Configuration_Guide/In_Process_PDP/EPMInPDPDeploy_chap.html
CEPM Dotnet Agent Guide	Provides step-by-step instructions to deploy the CEPM Dotnet Agent used by any .NET based application (either a desktop or a web-based application). It also describes about a COM-wrapped agent, which is supported for VB, C++, and other Windows-based applications. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Agent/Dotnet_Agent/CEPM_Dotnet_Agent_Guide.html
CEPM SharePoint Agent Guide	Provides a step-by-step procedure to install CEPM SharePoint Agent and integrate the Policy Administration Point (PAP) with your web applications running on SharePoint Server 2007. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Agent/SharePoint_Agent/CEPM_SharePoint_Agent_Guide.html
CEPM SSPI Agent Guide	Provides guidelines for the deployment of the CEPM SSPI Agent and explains the features supported by CEPM customized authorization provider for applications running in the WebLogic (BEA WebLogic V9.2). Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Agent/SSPI_Agent/EPMSSPIAgt_chap.html
CEPM JACC Agent For JBOSS Portal Guide	Explains about how the CEPM JACC Agent for JBOSS Portal helps in implementing the fine-grained authorization decisions for portal applications developed using JBOSS Portal. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Agent/JACC_JBOSS_Agent/EPMJACCAgtJB_chap.html
CEPM JACC WAS Agent Guide	Explains about how the CEPM JACC Agent for WebSphere Application Server helps in implementing the fine-grained authorization decisions for web applications developed using WebSphere Application Server. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Agent/JACC_WAS_Agent/CEPM_JACC_WAS_Agent.html
CEPM JAX-RPC Agent Guide	Provides an overview about the CEPM JAX-RPC Agent and explains the steps for configuring this agent in the applications running in WebSphere Application Server. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Agent/JAX-RPC_Agent/CEPM_JAX_RPC_Agent_Guide.html
CEPM JAX-WS Agent Guide	Provides an overview about the CEPM JAX-WS Agent and explains the steps for configuring this agent in the applications running in WebSphere Application Server. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Agent/JAX-WS_Agent/CEPM_JAX-WS_Agent_Guide.html
CEPM AXIS Agent Guide	Provides step-by-step instructions on how to integrate the CEPM Axis Agent with web applications using Axis webservice implementation for fine-grained access control. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Agent/AXIS_Agent/EPMAxisAgt_chap.html
CEPM AXIS2 Agent Guide	Provides step-by-step instructions on how to integrate the CEPM Axis2 Agent with web applications using Axis2 webservice implementation for fine-grained access control. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Agent/AXIS2_Agent/EPMAxisAgt_chap.html
CEPM ACEGI Agent Guide	Provides guidelines for deployment of the CEPM ACEGI Agent and explains the features of using CEPM customized ACEGI authorization solution for applications running in the Spring Framework. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Agent/ACEGI_Agent/EPMACEGIAgt_chap.html
CEPM Spring Security2 Agent Guide	Provides guidelines for deployment of the CEPM Spring Security2 Agent and explains the features of using CEPM customized Spring Security2 authorization solution using the RoleVoter for applications running in the Spring Framework. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Agent/Spring_Security2_Agent/EPMSSAgt_chap.html
CEPM XMLACCESS Agent Guide	Provides guidelines for deployment of the CEPM XMLAccess Agent and explains the features of using CEPM customized XMLAccess authorization solution for portal applications running in the WebSphere Portal Server. Location on Cisco.com: http://www.cisco.com/en/US/docs/security/epm/epm33/Agent/XML_ACCESS_Agent/EPMXMLAccessAgt_chap.html

Changes to This Document

Table 1 lists the changes made to this document since it was first released.

Table 2 Changes to This Document

Date	Change Summary
July 7, 2009	Minor edits and template/boilerplate updates for publication to Cisco.com
April 3, 2009	Cisco Enterprise Policy Manager (EPM) Release 3.3.0.0

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.