Table Of Contents

Working With the Security Manager User Interface

Logging In to and Exiting Security Manager

Logging In to the Cisco Security Management Suite Server

Installing, Logging In to, and Exiting the Security Manager Client

Server Connection Status and the Idle Timeout

Security Manager User Interface Overview

Navigating the Security Manager User Interface

Menu Bar Reference

File Menu

Edit Menu

View Menu

Policy Menu

Map Menu

Tools Menu

Activities Menu

Help Menu

Accessing Online Help

Toolbar Reference

Using Selector Trees

Selecting Items from Selector Trees

Managing Items in Selector Trees

Filtering Items in Selector Trees

Using Wizards

Using Rules Tables

Filtering Tables

Using Rules Table Columns and Column Headings

Understanding Rules Table Sections

Working with Rules Table Data

Using Main Menu Table Commands

Using Rules Table Buttons

Using Text Boxes

Finding Text in Text Boxes

Navigating Within Text Boxes

Selecting a File or Directory on the Server File System

Working With the Security Manager User Interface

---

The following topics describe how to use the Security Manager user interface:

•Logging In to and Exiting Security Manager

•Server Connection Status and the Idle Timeout

•Security Manager User Interface Overview

•Navigating the Security Manager User Interface

•Menu Bar Reference

•Accessing Online Help

•Toolbar Reference

•Using Selector Trees

•Using Wizards

•Using Rules Tables

•Using Text Boxes

•Selecting a File or Directory on the Server File System

Logging In to and Exiting Security Manager

Security Manager has two interfaces:

•Cisco Security Management Suite home page—Use this interface to install the Security Manager client and to manage the server. You can also access other CiscoWorks applications you installed, such as Resource Manager Essentials (RME).

•Security Manager client—Use this interface to perform most Security Manager tasks.

These topics describe how to log into and exit these interfaces:

•Logging In to the Cisco Security Management Suite Server

•Installing, Logging In to, and Exiting the Security Manager Client

Logging In to the Cisco Security Management Suite Server

Use Cisco Security Management Suite, and CiscoWorks Common Services, to install the Security Manager client and to manage the server. You can also access other CiscoWorks applications you installed, such as RME.

Procedure

---

Step 1 In your web browser, open http://SecManServer:1741, where SecManServer is the name of the computer where Security Manager is installed.

---

Note If you are using SSL, the default URL is https://SecManServer:443.

---

The CiscoWorks login screen is displayed. Verify on the page that JavaScript and cookies are enabled and that you are running a supported version of the web browser. For information on configuring the browser to run Security Manager, see the Security Manager installation guide on Cisco.com.

Step 2 Log into the Cisco Security Management Suite server with your user name and password. When you initially install the server, you can log in using the user name admin and the password defined during product installation. Click Yes on any Security Alert windows.

From this page, you can manage the server, install the client, and access other applications installed on the server.

•To exit the application, click Logout in the upper right corner of the screen.

•Click Help for information on using Common Services and the other installed applications.

•Click CiscoWorks to go to the regular CiscoWorks home page.

---

Installing, Logging In to, and Exiting the Security Manager Client

Use the Security Manager client to perform most Security Manager tasks. Before you can log into the client, you must install it.

Before You Begin

Install the client on your computer. To install the client, log into the Security Manager server as described in Logging In to the Cisco Security Management Suite Server. Then, click Cisco Security Manager Client Installer and follow the instructions in the installation wizard.

Procedure

---

Step 1 Select Start > Programs > Cisco Security Manager > Cisco Security Manager Client to start the client.

Step 2 On the Security Manager login window, select the server to which you want to log in, and enter your Security Manager user name and password. Click Login.

The client logs into the server and opens the client interface.

To exit Security Manager, select File > Exit.

---

Server Connection Status and the Idle Timeout

Security Manager maintains the connection between your client system and the Security Manager server.

If you do not use Security Manager for a period of time, your connection to the server automatically closes. The default timeout period is 120 minutes. You can change or disable the idle timeout.

Related Topics

•Customizing Your Desktop, page 1-47

Security Manager User Interface Overview

Figure 1-1 identifies the functional areas of the Security Manager user interface.

Figure 1-1 Security Manager User Interface

1	Title bar	2	Menu bar
3	Toolbar	4	Work area
5	Policy selector	6	Device selector

The title bar displays the following information about Security Manager:

•Your login name.

•The name of the Security Manager server to which you are connected.

•If Workflow mode is enabled, the name of the open activity.

Related Topics

•Using Selector Trees

•Menu Bar Reference

•Toolbar Reference

•Using Selector Trees

•Using Selector Trees

Navigating the Security Manager User Interface

The Security Manager user interface (see Figure 1-1) is divided into several functional areas. The user interface for each of these functional areas appears in either the work area of the main window or in a separate window. Functional areas that appear in a separate window are called tools.

This design allows you to maintain your location in the work area while you do related work using tools. For example, the Policy Object Manager tool appears in a separate window, allowing you to create new policy objects while you are in the process of creating policies in the work area.

The View menu contains navigation commands that change the contents of the work area in the main window. For more information about the View menu, see View Menu.

The Tools menu contains commands that open tools in a separate window. For more information about the Tools menu, see Tools Menu.

The main toolbar contains some navigation buttons that open functional areas of the user interface. For more information about these navigation buttons, see Toolbar Reference.

Menu Bar Reference

The menu bar contains menus with commands for using Security Manager. Commands may become unavailable depending on the task you are performing.

The menus in the menu bar are described in the following topics:

•File Menu.

•Edit Menu

•View Menu

•Policy Menu

•Map Menu

•Tools Menu

•Activities Menu

•Help Menu

File Menu

Table 1-1 describes the commands in the File menu. The menu items differ depending on the workflow mode.

Table 1-1 File Menu 

Command	Description
New Device	Creates a new device.
Clone Device	Creates a new device by duplicating an existing device
Delete Device	Deletes a device.
Save	Saves any changes made on the active page, but does not submit them to the Security Manager database.
Validate	Validates the changes you have saved.
Submit	Submits all changes made since the last submission to the Security Manager database.
Submit Deploy	Submits all changes made since the last submission to the Security Manager database and deploys all changes made since the last deployment.
Deploy	Deploys all changes made since the last deployment.
Discard	Discards changes.
Edit Device Groups	Edits device groups.
New Device Group	Adds a device group.
Add Devices to Group	Adds a device to a group.
Print	Prints the active page. Not all pages can be printed. If the Print command is not available, you cannot print the active page.
Exit	Exits Security Manager.

Related Topics

•Adding Devices to the Security Manager Inventory, page 1-29

•Understanding Activities, page 1-2

•Understanding Deployment, page 1-1

Edit Menu

Table 1-2 describes the commands in the Edit menu.

Table 1-2 Edit Menu 

Command	Description
Cut	Cuts the selected text and saves it on the clipboard.
Copy	Copies the selected text and saves it on the clipboard.
Paste	Pastes the text from the clipboard to the cursor's location.
Add Row	Adds a row into the active table.
Edit Row	Edits a table row.
Delete Row	Deletes a table row.
Move Row Up	Moves a table row up in the table.
Move Row Down	Moves a table row down in the table.

Related Topics

•Using Rules Tables

View Menu

The View menu contains commands to navigate within the user interface.

Table 1-3 describes the commands in the View menu.

Table 1-3 View Menu 

Menu Command	Description
Device View	Opens the device management view.
Map View	Opens the map view.
Policy View	Opens the policy management view.

Related Topics

•Navigating the Security Manager User Interface

Policy Menu

The Policy menu contains commands for managing policies.

Table 1-4 describes the commands in the Policy menu.

Table 1-4 Policy Menu 

Menu Command	Description
Share Policy	Saves the active local policy as a shared policy.
Unshare Policy	Saves the active shared policy as a local policy.
Assign Shared Policy	Assigns shared policies to devices.
Unassign Policy	Unassigns the current policy from the selected device.
Copy Policies Between Devices	Copies policies between devices.
Share Device Polices	Enables you to share local device policies.
Edit Policy Assignments	Edits assignment of shared policies to devices.
Save Policy As	Saves a copy of a policy with a new name.
Rename Policy	Renames a policy.
Add Local Rules	Adds local rules to a shared policy on a device. You must select a rule-based shared policy to use this command.
Inherit Rules	Edits policy inheritance.
Discover Policies on Device	Discovers policies on a device.

Related Topics

•Chapter 1, "Managing Policies"

Map Menu

The Map menu contains commands for using the Map view. The commands in this menu are available only when the Map view is open.

Related Topics

•Using Map View, page 1-1

Menu Reference

Table 1-5 Map Menu 

Menu Command	Description
New Map	Creates a new map.
Open Map	Opens a saved map or the default map.
Show Devices On Map	Selects the managed devices to show on the active map.
Show VPNs On Map	Selects the VPNs to show on the active map.
Add Map Object	Creates a new map object on the open map.
Add Link	Creates a new Layer 3 link on the open map.
Find Map Node	Finds nodes on the open map.
Save Map	Saves the open map.
Save Map As	Saves the open map with a new name.
Zoom In	Zooms in on the map.
Zoom Out	Zooms out from the map.
Fit to Window	Zooms the open map to display the entire map.
Display Actual Size	Zooms the open map to display at actual size.
Refresh Map	Refreshes the open map with updated network data.
Export Map	Exports the open map to a file.
Delete Map	Deletes the map you select from a list.
Map Properties	Displays or edits properties for the open map.
Show/Hide Navigation Window	Displays or hides the navigation window on the open map.
Undock/Dock Map View	Undocks the maps window, allowing you to use other features while keeping the map open. If the window is already undocked, the Dock Map View command reattaches the window to the primary Security Manager window.

Tools Menu

The Tools menu contains commands that start tools, which run in a window separate from the desktop.

Table 1-6 describes the commands in the Tools menu.

Table 1-6 Tools Menu 

Menu Command	Description
Device Properties	Opens the device properties tool.
Policy Object Manager	Manages policy objects.
Site-to-Site VPN Manager	Manages site-to-site VPNs.
Deployment Manager	Manages deployment.
Activity Manager	Manages activities in workflow mode.
Policy Discovery Status	Provides status of policy discovery.
Show Containment	Shows security contexts or service modules for a device.
Device Status	Provides device status.
Catalyst Device Manager	Manages Catalyst 6500 switches and 7600 series routers.
IPS Manager	Manages IPS devices.
Preview Configuration	Previews configurations.
Audit Report	Displays audit reports.
Configuration Archive	Manages archived configurations.
Backup	Manages backups.
Security Manager Diagnostics	Diagnoses Security Manager.
Security Manager Administration	Administers Security Manager.

Related Topics

•Chapter 1, "Using Tools"

Activities Menu

The Activities menu contains commands for managing activities. It appears only when workflow mode is enabled.

Table 1-8 describes the commands in the Activities menu.

Table 1-7 Activities Menu 

Menu Command	Description
New Activity	Creates a new activity.
Open Activity	Opens an activity.
Close Activity	Closes an activity.
Validate Activity	Validates an activity.
Submit Activity	Submits an activity.
Approve Activity	Approves an activity.
Reject Activity	Rejects an activity.
Discard Activity	Discards an activity.

Related Topics

•Chapter 1, "Managing Activities"

Help Menu

The Help menu contains commands for accessing product documentation and training.

Table 1-8 describes the commands in the Help menu.

Table 1-8 Help Menu 

Menu Command	Description
Help Topics	Opens the online help system.
Help About This Page	Open online help for the active page.
JumpStart	Opens the JumpStart.
Security Manager Online	Opens the Security Manager web page on Cisco.com.
About Security Manager	Displays information about Security Manager.

Related Topics

•Accessing Online Help

Accessing Online Help

To access online help for Security Manager, do one of the following:

•To open the main Security Manager online help page, select Help > Help Topics.

•To open context-sensitive online help for the active page, select Help > Help About This Page or click the Help button in the toolbar.

•To open context-sensitive online help for the active dialog box, click Help in the dialog box.

Toolbar Reference

The main toolbar (see Figure 1-1) contains buttons that perform actions in Security Manager.

The buttons that appear in the main toolbar vary depending on whether workflow mode is enabled. This table shows all buttons.

Table 1-9 Security Manager Toolbar

Button	Description
	Opens the device management view. For more information, see Chapter 1, "Managing Devices."
	Opens the map view. For more information, see Chapter 1, "Using Map View.".
	Opens the policy management view. For more information, see Chapter 1, "Managing Policies."
	Opens the Policy Object Manager tool. For more information, see Chapter 1, "Managing Objects."
	Opens the Site to Site VPN Manager tool. For more information, see Chapter 1, "Managing Site-to-Site VPNs."
	Opens the IPS Manager tool.
	Opens the Deployment Manager tool. For more information, see Chapter 1, "Managing Deployment."
	Opens the Audit Report tool. For more information, see Understanding Audit Reports, page 1-6
	Submits and deploys changes. For more information, see Chapter 1, "Managing Deployment."
	Opens online help for the current page. For more information, see Accessing Online Help.
	Opens the Activity Manager window, where you can create and manage activities. For more information on the following activity buttons, and the conditions under which they are enabled, see Accessing Activity Functions, page 1-9.
	Adds a new activity.
	Opens an activity.
	Saves all changes made while the activity was open and closes it.
	Submits the activity for approval.
	Approves the changes proposed in an activity. Active when Workflow mode is enabled with an approver.
	Rejects the changes proposed in an activity. Active when Workflow mode is enabled with an approver.
	Discards the selected activity.
	Validates the integrity of changed policies within the current activity.

Using Selector Trees

Selector trees appear in several places in the user interface; for example, the Device selector in the Device view (see Figure 1-1). They enable you to select items (like devices) on which to perform actions. Several types of items can appear in a selector tree, depending on the task you are performing.

The following topics describe how to use the standard features of the selector tree:

•Selecting Items from Selector Trees

•Managing Items in Selector Trees

•Filtering Items in Selector Trees

Selecting Items from Selector Trees

Items in selector trees are presented in a hierarchy of folders according to their organization in Security Manager.

You can browse for items in a selector tree by expanding and collapsing folders, which can contain other folders, items, or a combination of folders and items. To expand and collapse a folder, click the arrow next to it. Select an item by clicking it.

The selector trees support auto select. That is, when you type a single letter the next folder or item in the tree that begins with that letter is selected.

Managing Items in Selector Trees

To manage an item in a selector tree, right-click the item to open its context menu. The commands in the context menu vary according to the item type.

For more information about the management options that appear in selector trees, see the following topics:

•Chapter 1, "Managing Devices"

•Chapter 1, "Managing Policies"

Filtering Items in Selector Trees

To view a subset of the items in a selector tree, you can create filters to display only those items that match the criteria you specify. You can have a maximum of 10 filters per user for each selector. After that, when you create a new filter, that new filter replaces the oldest filter. You cannot delete filters manually.

A filter list appears above all selectors that can be filtered. From this list, you can do the following:

•Select a filter that you created previously.

•Select None to see the tree without any filters applied to it.

•Select Create Filter to create a new filter.

Each filter can contain several filter rules. Each filter rule specifies a rule type, criteria, and values. You select whether items must match any or all of the filter rules to be displayed in the selector tree.

The process for creating filters depends on the type of item that appears in the selector. For more information about filtering specific types of selectors, see Understanding Device Properties, page 1-74.

Using Wizards

Some of the tasks you can perform with Security Manager are presented as wizards. A wizard is a series of dialog boxes (or steps) that enables you to perform a task. The current step number and the total number of steps in the wizard are displayed in the wizard title bar.

Wizards share the following buttons:

•Back—Returns to the previous dialog box. Enables you to review and modify settings that you defined in previous wizard steps.

•Next—Continues to the next dialog box. If this button is unavailable, you must define some required settings in the current dialog box before you can continue. Required settings are marked with an asterisk (*).

•Finish—Finishes the wizard, saving the settings you defined. You can finish the wizard whenever this button is available. If this button is not available, you must define more settings.

•Cancel—Cancels the wizard without saving any settings.

•Help—Opens online help for the wizard.

Using Rules Tables

Rules tables in Security Manager display sets of rules (for example, access rules) that make up a policy.

Figure 1-2 Rules Table Example

1	Filtering section	2	Column headings
3	Rules sections	4	Rules
5	Table buttons

The following topics describe standard features of rules tables:

•Filtering Tables

•Using Rules Table Columns and Column Headings

•Understanding Rules Table Sections

•Working with Rules Table Data

•Using Main Menu Table Commands

•Using Rules Table Buttons

Filtering Tables

You can filter a rules table, and any other table that contains filtering controls, to display only rows that match your criteria. The filtering controls are at the top of the table, in the Filter section. To open and close the filter section, click the arrow next to the Filter section title. When you apply a filter, it is described next to the Filter section title.

Procedure

---

Step 1 If necessary, click the arrow in the Filter section to open the section.

Step 2 Select a table column from the Column list.

Step 3 Enter text in the Criteria field that is appropriate for the column you selected.

Step 4 Click Apply.

The table is filtered to show only the rows that match your criteria, and a description of the filter criteria appears next to the Filter section title.

Step 5 To add additional filtering criteria, repeat the proceeding steps.

If you create a filer with multiple criteria, the criteria are connected by "and." Only rows that match all the criteria will appear in the table.

Step 6 To remove the applied filter, click Remove. All filtering is removed from the table.

---

Using Rules Table Columns and Column Headings

A rules tables contains columns, each of which has a column heading in the heading row. These columns and their headings include the following features:

•Header row context menu—Right-click the table heading row to open the context menu. This menu enables you to select which columns appear and whether to display a summary or detailed information in each cell.

•Moveable columns—Click and drag a column heading to move the column to a new position.

•Resizable columns—Click a column heading divider (when the cursor turns into an arrow) and drag it to resize the column.

•Sorting by column headings—Click a column heading to sort the table by that column's contents. Click the same column heading again to reverse the sort order. The sorted column has an arrow next to its heading.

Understanding Rules Table Sections

Rules tables can contain sections, which contain groups of rules. Expand and collapse these sections by clicking the arrow next to the section title.

The grouping of rules into sections is determined by policy inheritance. For more information about policy inheritance, see Understanding Rule Inheritance, page 1-45.

Working with Rules Table Data

To work with table data, you must select the data first. You can select rule table data at the following levels of granularity:

•Row

•Cell

•Cell value

When you open a table, the first row is selected by default. You can then select other data to work with. The selected data is highlighted.

Click the first cell in a row to select the row. Double-click the first cell in a row to edit the row (or view its properties, if you do not have privileges to edit it). Right-click the first cell in a row to open the row context menu.

Click a cell or cell value to select it. Double-click a cell or cell value to edit it (or view its properties, if you do not have privileges to edit it). Right-click a cell or cell value to open its context menu.

To select multiple contiguous rows, press the Shift key while clicking the first cell of the first and last rows. To select multiple non-contiguous rows, press the Crtl key while clicking the first cell in each desired row. You can select only one cell or cell value at a time.

Table 1-10 describes the commands that appear in the rules table context menus. Other commands can also appear in the context menu that are specific to the type of data you select.

Table 1-10 Rules Table Context Menu Commands 

Menu Command	Description
Edit value	Edits the selected cell value.
View value	Displays the properties of the selected cell value.
Delete value	Deletes the selected cell value.
Add Row	Adds a row below the selected row.
Edit Row	Edits the selected row.
Delete Row	Deletes the selected row.
View Row	Displays the properties of the selected row.
Cut	Cuts the selected data.
Copy	Copies the selected data.
Paste	Pastes data in the current location. If the pasted data is a row, a new row is created below the selected row.
Move Row Up	Moves the row up.
Move Row Down	Moves the row down.
Enable	Enables or disables the rule represented by the row.

Using Main Menu Table Commands

The Edit menu in the main menu contains the following commands for using rules tables:

Table 1-11 Edit Menu Rules Table Commands 

Menu Command	Description
Insert Row	Inserts a row below the selected row.
Edit Row	Edits the selected row.
Delete Row	Deletes the selected row.
View Row	Displays the properties of the selected row.
Move Row Up	Moves the row up.
Move Row Down	Moves the row down.

Using Rules Table Buttons

Rules tables include the buttons described in the following table. A rules table can also include other buttons that are specific to the policy type:

Table 1-12 Rules Table Buttons 

Button	Description
Add Row	Adds a new row.
Edit Row	Edits the selected row.
Delete Row	Deletes the selected row.
Up Row	Moves the selected row up in the table.
Down Row	Moves the selected row down in the table.

Using Text Boxes

Text boxes that can contain multiple text lines include several features to make them easier to use. These features are described in the following topics:

•Finding Text in Text Boxes

•Navigating Within Text Boxes

Finding Text in Text Boxes

Use the Find dialog box to find text within a multiple line text field.

Procedure

---

Step 1 Click in a multiple line text field.

Step 2 Press Ctrl+F. The Find dialog box opens.

Step 3 Enter text to search for in the Find what field.

Step 4 In the Direction field, select Up to search up in the text field or Down to search down in the text field.

Step 5 To match the case of the text you entered, select the Match Case check box.

Step 6 Click Find.

The next occurrence of your search text is highlighted in the text field.

---

Navigating Within Text Boxes

Use the Goto line dialog box to navigate to a specific line in a multiple line text field.

Procedure

---

Step 1 Click in a multiple line text field.

Step 2 Press Ctrl+G. The Goto line dialog box opens.

Step 3 Enter a line number in the Line number field.

Step 4 Click OK.

The text field scrolls to the line number you entered.

---

Selecting a File or Directory on the Server File System

Cisco Security Manager uses a standard file system browser to enable you to select a directory or file from it.

Procedure

---

Step 1 Click a Browse button.

Step 2 In the Select a File dialog box, navigate to the directory or file using the tree control in the left pane.

Step 3 Select a file from the right pane.

Step 4 Click OK.

---