User Guide for Cisco IPS Manager 3.0 - Administering the System Configuration [Cisco Security Manager]

Table Of Contents

Administering the System Configuration

Defining the Email Server Settings

Enabling Manual Configuration File Approvals

Setting SDF User Credentials

Updating the IOS IPS Crypto Configuration

Administering the System Configuration

This chapter details how to perform a variety of basic system configuration tasks.

The following figure details the activity choices you see when you select the Admin tab and then System Configuration in the Management Center for IPS Sensors (IPS MC) interface.

This chapter covers only some of these activities:

•For information on the View Current Locks page, see Unlocking Pending Configuration Settings.

•For information on the Automatic Signature Download page, see Downloading Update Files Automatically.

•For information on the Deploy Settings page, see Defining Deployment Settings.

For information on tasks involving database administration: database pruning and operating with the Common Services platform, see "Administering the Database".

This chapter contains the following topics:

•Defining the Email Server Settings

•Enabling Manual Configuration File Approvals

•Setting SDF User Credentials

•Updating the IOS IPS Crypto Configuration

Defining the Email Server Settings

You can specify the email server that IPS MC uses for event notifications.

To define the email server settings, follow these steps:

Step 1 Select Admin > System Configuration.

Step 2 Click Email Server in the TOC.

The Email Server page appears.

Step 3 Enter your email server name in the Email Server Name field.

Step 4 To save your changes, click Apply.

The email server you specify will be used to send event notifications.

Enabling Manual Configuration File Approvals

You can configure IPS MC to automatically or manually approve configuration files when they are generated. The default value is automatic approval.

You must have a user account with adequate privileges to approve configuration files.

To change the method of configuration file approval, follow these steps:

Step 1 Select Admin > System Configuration.

Step 2 In the TOC, select Configuration File Management.

Step 3 To change the method of configuration file approval from the default, automatic, to manual, select the Enable manual configuration file change approval? check box.

Setting SDF User Credentials

Use this procedure to set SDF user credentials when you need to authenticate SDF requests from IOS IPS devices. SDF user credentials consist of a username and password.

If you need to authenticate SDF requests from IOS IPS devices, follow these steps:

Step 1 Select Admin > System Configuration.

Step 2 In the TOC, select SDF User Credentials.

The SDF User Credentials page appears.

Step 3 On the SDF User Credentials page, check Authenticate SDF Request.

Step 4 Enter a valid VPN/Security Management username. This is the username that you used to log in to the CiscoWorks server.

Step 5 Enter the corresponding password.

Step 6 Confirm the password by re-entering it.

Step 7 Click Apply

User credentials (username and password) on an IOS IPS device will be sent with SDF requests.

Updating the IOS IPS Crypto Configuration

The IPS MC uses crypto certificates while it communicates with IOS IPS devices through the HTTPS protocol. You can update the crypto trust point of all IOS IPS devices that are being managed by IPS MC with the crypto certificate of the IPS MC.

You must have a user account with adequate privileges to update IOS IPS crypto configurations.

Before you begin, ensure that the tftp server is running on the IPS MC server. Also, ensure that the tftp directory has adequate permission for IOS IPS to be able to download the certificate from it. The default tftp directory for Windows 2000 and 2003 is <install-dir>\tftpboot.

To update the IOS IPS crypto configuration, follow these steps:

Step 1 Select Admin > System Configuration.

Step 2 In the TOC, select Update IOS IPS Crypto Configuration.

Step 3 Click Update.

The system displays an Info! box informing you that the update has started and directing you to check the real-time Progress Viewer for the full status. For more information, see Using the Progress Viewer.

	User Guide for Cisco IPS Manager 3.0
	Administering the System Configuration
User Guide for Cisco IPS Manager 3.0 Preface Introduction Advanced User Interface Design Features Managing Sensors with IPS MC Working with Groups and Sensors Configuring Sensors and Signature Settings Generating, Approving, and Deploying Sensor Configurations Monitoring Sensor Health Using Update Files Administering the System Configuration Administering the Database Reports Moving from the Unix Director or CSPM to IPS MC Solving Common Problems in IPS MC Employing Cisco Secure ACS with IPS MC Index	Download this chapter Administering the System Configuration Download the complete book User Guide for Cisco IPS Manager 3.0 (PDF - 3 MB) Table Of Contents Administering the System Configuration Defining the Email Server Settings Enabling Manual Configuration File Approvals Setting SDF User Credentials Updating the IOS IPS Crypto Configuration Administering the System Configuration This chapter details how to perform a variety of basic system configuration tasks. The following figure details the activity choices you see when you select the Admin tab and then System Configuration in the Management Center for IPS Sensors (IPS MC) interface. This chapter covers only some of these activities: •For information on the View Current Locks page, see Unlocking Pending Configuration Settings. •For information on the Automatic Signature Download page, see Downloading Update Files Automatically. •For information on the Deploy Settings page, see Defining Deployment Settings. For information on tasks involving database administration: database pruning and operating with the Common Services platform, see "Administering the Database". This chapter contains the following topics: •Defining the Email Server Settings •Enabling Manual Configuration File Approvals •Setting SDF User Credentials •Updating the IOS IPS Crypto Configuration Defining the Email Server Settings You can specify the email server that IPS MC uses for event notifications. To define the email server settings, follow these steps: Step 1 Select Admin > System Configuration. Step 2 Click Email Server in the TOC. The Email Server page appears. Step 3 Enter your email server name in the Email Server Name field. Step 4 To save your changes, click Apply. The email server you specify will be used to send event notifications. Enabling Manual Configuration File Approvals You can configure IPS MC to automatically or manually approve configuration files when they are generated. The default value is automatic approval. You must have a user account with adequate privileges to approve configuration files. To change the method of configuration file approval, follow these steps: Step 1 Select Admin > System Configuration. Step 2 In the TOC, select Configuration File Management. Step 3 To change the method of configuration file approval from the default, automatic, to manual, select the Enable manual configuration file change approval? check box. Setting SDF User Credentials Use this procedure to set SDF user credentials when you need to authenticate SDF requests from IOS IPS devices. SDF user credentials consist of a username and password. If you need to authenticate SDF requests from IOS IPS devices, follow these steps: Step 1 Select Admin > System Configuration. Step 2 In the TOC, select SDF User Credentials. The SDF User Credentials page appears. Step 3 On the SDF User Credentials page, check Authenticate SDF Request. Step 4 Enter a valid VPN/Security Management username. This is the username that you used to log in to the CiscoWorks server. Step 5 Enter the corresponding password. Step 6 Confirm the password by re-entering it. Step 7 Click Apply User credentials (username and password) on an IOS IPS device will be sent with SDF requests. Updating the IOS IPS Crypto Configuration The IPS MC uses crypto certificates while it communicates with IOS IPS devices through the HTTPS protocol. You can update the crypto trust point of all IOS IPS devices that are being managed by IPS MC with the crypto certificate of the IPS MC. You must have a user account with adequate privileges to update IOS IPS crypto configurations. Before you begin, ensure that the tftp server is running on the IPS MC server. Also, ensure that the tftp directory has adequate permission for IOS IPS to be able to download the certificate from it. The default tftp directory for Windows 2000 and 2003 is `<install-dir>\tftpboot`. To update the IOS IPS crypto configuration, follow these steps: Step 1 Select Admin > System Configuration. Step 2 In the TOC, select Update IOS IPS Crypto Configuration. Step 3 Click Update. The system displays an Info! box informing you that the update has started and directing you to check the real-time Progress Viewer for the full status. For more information, see Using the Progress Viewer.
	© 1992-2009 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.