The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
activating NDG feature 8-19
adding devices as AAA clients without NDGs 8-17
adding managed devices 8-17
adding managed devices and configuring NDGs 8-27
adding multihomed devices 8-31
adding users 8-15
assigning roles to user groups 8-25
assigning roles to user groups with NDGs 8-27
assigning roles to user groups without NDGs 8-26
associating user roles and permissions 8-11
authentication fails 8-29
changes not appearing in Security Manager 8-30
configuring CiscoWorks AAA mode 8-23
configuring network device groups 8-18
configuring SMTP and e-mail for notifications 8-24
creating administration control user 8-20
creating local users in CiscoWorks 8-21
creating network device groups 8-19
customizing user roles 8-10
default roles 8-10
defining system identity user 8-15
devices not appearing in Security Manager 8-30
integrating with Security Manager 8-12
integration checklist 8-14
integration requirements 8-13
performing integration 8-15
performing integration in CiscoWorks 8-21
read-only access for system administrators 8-29
registering Security Manager 8-24
reinstalling server applications 5-3
restarting Daemon Manager 8-25
restoring access 8-31
troubleshooting 8-28
understanding user permissions 8-3
user permissions 8-4
using multiple versions of Security Manager 8-28
working after ACS becomes unreachable 8-30
managing 8-1
required 5-1
antivirus utilities, requirement to disable 4-3
downgrading server 5-19
installing and configuring client 6-1
installing and upgrading server 5-1
logging into 6-10
required changes after upgrading server 5-15
uninstalling server 5-19
upgrading server 5-5
approve permissions 8-5
approver role 8-6
assign permissions 8-5
authorization, changes in ACS for devices 8-30
installing 5-2
licensing 2-4, 2-7
logging into 6-12
overview 1-2
required user accounts 5-1
server requirements 3-4
uninstalling 5-19
upgrading 5-5
committing pending data before performing 5-10
Cygwin limitations A-5
database 5-12
backup/restore upgrade path, definition of 5-6
back up database 5-13
bootstrapping devices 7-8
browser cookies 6-2
configuring required settings 6-1
configuring required settings for Firefox 6-3
configuring required settings for Internet Explorer 6-2
logging into applications 6-12
supported 3-7, 3-11
requirement to create 7-1
troubleshooting 4-3
Cisco Security Agent, caution while disabled 6-7
Cisco Security Agent, disabling 6-7
installing 5-2
upgrading 5-5
assigning roles to users 8-7
associating user roles and permissions 8-11
available user roles 8-6
configuring AAA mode 8-23
creating administration control user in ACS 8-20
creating local user for Cisco Secure ACS 8-21
defining system identity user 8-22
installing 5-2
licensing 2-4, 2-7
logging into 6-12
overview 1-1
performing integration for Cisco Secure ACS 8-21
registering Security Manager with Cisco Secure ACS 8-24
required version 1-1
understanding user permissions 8-3
uninstalling 5-19
upgrading 5-5
clearing server list in Login window A-15
log files A-15
operating systems 3-10
requirements 3-10
troubleshooting after installation A-13
troubleshooting installation A-10
control permissions 8-5
cookies for browsers 6-2
Cygwin problems during database backup A-5
restarting after Cisco Secure ACS integration 8-25
backing up 5-12, 5-13
committing pending data before upgrade 5-10
restoring 5-14
date and time settings 3-1, 4-3
deploy permissions 8-5
bootstrapping 7-8
changes to ACS authorization not appearing in Security Manager 8-30
directory encryption, restriction against 3-4
domain controllers (primary or backup), unsupported use 3-4
dual-screen setups A-16
e-mail address, Security Manager administrator 8-24
encrypted directories, restriction against 3-4
client installation A-10
server installation A-4
server uninstallation A-8
cache size requirement 6-4
configuring required settings 6-3
disabling popup blocker 6-4
displaying help in new tab 6-5
editing the preferences file 6-3
enabling Javascript 6-4
supported versions 3-7, 3-11
for more information 7-8
help desk user role 8-6
HTTP, configuring non-default port 6-9
configuring non-default port 6-9
determining mode A-15
import permissions 8-5
indirect upgrade path, definition of 5-6
Security Manager, AUS, Common Services 5-2
Security Manager client 6-6
troubleshooting client A-10
troubleshooting server A-4
using remote desktop or VNC 5-2
verifying 7-7
cache size requirement 6-3
configuring required settings 6-2
security settings 6-2
supported versions 3-7, 3-11
Internet Information Server (IIS), requirement to uninstall 4-2
Java requirements 3-7, 3-11
LAN Management Solution (LMS), unsupported use 4-2
LiaisonServlet error, troubleshooting A-6
Product Authorization Key (PAK) 2-2
Security Manager kit part numbers 2-8
Software License Claim Certificate 2-2
updating 5-17
local upgrade path, definition of 5-5
log files A-18
client requirements 3-11
modify permissions 8-4
Network Access Restriction (NAR) 8-13
Cisco Secure ACS 8-10
CiscoWorks 8-6
activating NDG feature 8-19
associating with roles and user groups 8-27
configuring 8-18
creating 8-19
effect on user permissions 8-18
network operator role 8-6
client 3-10
overview 1-1, 2-1
pdshow command 7-2
pending data, committing 5-10
client recommendations 3-10
server best practices 4-1
server recommendations 3-4
logging into 6-12
overview 1-3
required user accounts 5-1
server requirements 3-4
uninstalling 5-19
updating licenses 5-17
upgrading 5-5
assigning roles in CiscoWorks 8-7
associating with user roles 8-11
categories 8-4
customizing for ACS 8-10
impact of NDGs 8-18
understanding 8-3
applying to a client 6-10
obtaining 5-18
disabling 6-5
disabling for Firefox 6-4
comprehensive list of required TCP/UDP A-2
configuring non-default HTTP/HTTPS 6-9
list of typically required 3-1
restarting server A-18
troubleshooting A-17
verifying 7-2
property files 5-10
remote desktop, using for installation 5-2
remote upgrade path, definition of 5-6
client 3-10
data and time settings 3-1, 4-3
general server 3-1
server 3-4
unsupported server configurations 3-4
Resource Manager Essentials (RME)
logging into 6-12
required user accounts 5-1
server requirements 3-4
uninstalling 5-19
updating licenses 5-17
upgrading 5-5
restorebackup.pl command 5-14
restore database 5-14
Cisco Secure ACS users 8-9
CiscoWorks users 8-6
Security 1-2
server best practices 4-1
security administrator role 8-10
committing pending data before upgrade 5-10
component applications 1-1
downgrading server 5-19
getting started with 7-8
installing 5-2
logging in using browser 6-12
logging in using client 6-10
overview 1-2
related applications 1-3
required changes after upgrade 5-15
required user accounts 5-1
restarting Daemon Manager 8-25
server requirements 3-4
service startup requirements A-1
troubleshooting interaction with ACS 8-28
uninstalling server 5-19
updating licenses 5-17
upgrading server 5-5
clearing server list in Login window A-15
configuring non-default HTTP/HTTPS port 6-9
determining HTTPS mode A-15
installing 6-6
locating client logs A-15
logging into 6-10
patching 6-10
resolving version mismatch A-15
running in dual-screen mode A-16
unable to upgrade 6-9
uninstalling 6-12
best practices for security 7-7
date and time settings 3-1, 4-3
general requirements 3-1
performance, best practices for enhancing 4-1
post installation tasks 7-1
preparation checklists 4-1
readiness checklist 4-3
requirements 3-4
security, best practices for enhancing 4-1
troubleshooting post-installation problems A-5
unsupported configurations 3-4
verifying processes 7-2
applying to a client 6-10
obtaining 5-18
services, minimum required for Windows 4-2
service startup requirements A-1
SMTP, configuring for ACS notifications 8-24
SSL certificate invalidation 4-3
storage, supported SAN 3-9
submit permissions 8-5
Sybase, requirement to disable 4-4
system administrator role 8-6
system identity user 8-15, 8-22
selecting as CiscoWorks AAA mode 8-23
using ACS as 8-12
comprehensive list of required ports A-2
list of typically required ports 3-1
Terminal Services, unsupported configuration 3-4
ACS configurations 8-28
antivirus scanners 4-2
client after installation A-13
client installation A-10
client installer says old version is installed when it is not A-13
collecting server troubleshooting information A-17
Cygwin prevents backup A-5
dual-screen setups A-16
client installation A-10
server installation A-4
server uninstallation A-8
host-based intrusion software 4-2
incorrect interface appearance A-5
installation does not run A-16
installation hangs A-5, A-12
invalid SSL certificate 4-3
java.security.cert errors 4-3
LiaisonServlet error A-6
mapped drives A-7
missing product features A-5
overview A-1, B-1
restarting server processes A-18
reviewing installation log files A-18
security software conflicts 4-2
server installation A-4
server problems after installation A-5
server processes A-17
server self-test A-16
server uninstall A-8
unable to upgrade client 6-9
uninstallation does not run A-16
uninstallation hangs A-9
typographical conventions in this document 2-x
comprehensive list of required ports A-2
list of typically required ports 3-1
recommendation to restart servers 5-19
Security Manager client 6-12
server applications 5-19
troubleshooting server A-8
upgrade, verifying 7-7
admin 5-1
casuser 5-1
creating 5-1
managing 8-1
System Identity 5-2
assigning roles in CiscoWorks 8-7
associating with user roles 8-11
categories 8-4
customizing for ACS 8-10
impact of NDGs 8-18
understanding 8-3
associating with user permissions 8-11
available CiscoWorks user roles 8-6
Cisco Secure ACS 8-9
CiscoWorks 8-6
default ACS roles 8-10
version mismatch, resolving A-15
view permissions 8-4
VMWare supported versions 3-7
VNC, using for installation 5-2
configuring required settings 6-1
logging into applications 6-12
supported 3-7, 3-11
Windows services, required 4-2
Index
activating NDG feature 8-19
adding devices as AAA clients without NDGs 8-17
adding managed devices 8-17
adding managed devices and configuring NDGs 8-27
adding multihomed devices 8-31
adding users 8-15
assigning roles to user groups 8-25
assigning roles to user groups with NDGs 8-27
assigning roles to user groups without NDGs 8-26
associating user roles and permissions 8-11
authentication fails 8-29
changes not appearing in Security Manager 8-30
configuring CiscoWorks AAA mode 8-23
configuring network device groups 8-18
configuring SMTP and e-mail for notifications 8-24
creating administration control user 8-20
creating local users in CiscoWorks 8-21
creating network device groups 8-19
customizing user roles 8-10
default roles 8-10
defining system identity user 8-15
devices not appearing in Security Manager 8-30
integrating with Security Manager 8-12
integration checklist 8-14
integration requirements 8-13
performing integration 8-15
performing integration in CiscoWorks 8-21
read-only access for system administrators 8-29
registering Security Manager 8-24
reinstalling server applications 5-3
restarting Daemon Manager 8-25
restoring access 8-31
troubleshooting 8-28
understanding user permissions 8-3
user permissions 8-4
using multiple versions of Security Manager 8-28
working after ACS becomes unreachable 8-30
managing 8-1
required 5-1
antivirus utilities, requirement to disable 4-3
downgrading server 5-19
installing and configuring client 6-1
installing and upgrading server 5-1
logging into 6-10
required changes after upgrading server 5-15
uninstalling server 5-19
upgrading server 5-5
approve permissions 8-5
approver role 8-6
assign permissions 8-5
authorization, changes in ACS for devices 8-30
installing 5-2
licensing 2-4, 2-7
logging into 6-12
overview 1-2
required user accounts 5-1
server requirements 3-4
uninstalling 5-19
upgrading 5-5
committing pending data before performing 5-10
Cygwin limitations A-5
database 5-12
backup/restore upgrade path, definition of 5-6
back up database 5-13
bootstrapping devices 7-8
browser cookies 6-2
configuring required settings 6-1
configuring required settings for Firefox 6-3
configuring required settings for Internet Explorer 6-2
logging into applications 6-12
supported 3-7, 3-11
requirement to create 7-1
troubleshooting 4-3
Cisco Security Agent, caution while disabled 6-7
Cisco Security Agent, disabling 6-7
installing 5-2
upgrading 5-5
assigning roles to users 8-7
associating user roles and permissions 8-11
available user roles 8-6
configuring AAA mode 8-23
creating administration control user in ACS 8-20
creating local user for Cisco Secure ACS 8-21
defining system identity user 8-22
installing 5-2
licensing 2-4, 2-7
logging into 6-12
overview 1-1
performing integration for Cisco Secure ACS 8-21
registering Security Manager with Cisco Secure ACS 8-24
required version 1-1
understanding user permissions 8-3
uninstalling 5-19
upgrading 5-5
clearing server list in Login window A-15
log files A-15
operating systems 3-10
requirements 3-10
troubleshooting after installation A-13
troubleshooting installation A-10
control permissions 8-5
cookies for browsers 6-2
Cygwin problems during database backup A-5
restarting after Cisco Secure ACS integration 8-25
backing up 5-12, 5-13
committing pending data before upgrade 5-10
restoring 5-14
date and time settings 3-1, 4-3
deploy permissions 8-5
bootstrapping 7-8
changes to ACS authorization not appearing in Security Manager 8-30
directory encryption, restriction against 3-4
domain controllers (primary or backup), unsupported use 3-4
dual-screen setups A-16
e-mail address, Security Manager administrator 8-24
encrypted directories, restriction against 3-4
client installation A-10
server installation A-4
server uninstallation A-8
cache size requirement 6-4
configuring required settings 6-3
disabling popup blocker 6-4
displaying help in new tab 6-5
editing the preferences file 6-3
enabling Javascript 6-4
supported versions 3-7, 3-11
for more information 7-8
help desk user role 8-6
HTTP, configuring non-default port 6-9
configuring non-default port 6-9
determining mode A-15
import permissions 8-5
indirect upgrade path, definition of 5-6
Security Manager, AUS, Common Services 5-2
Security Manager client 6-6
troubleshooting client A-10
troubleshooting server A-4
using remote desktop or VNC 5-2
verifying 7-7
cache size requirement 6-3
configuring required settings 6-2
security settings 6-2
supported versions 3-7, 3-11
Internet Information Server (IIS), requirement to uninstall 4-2
Java requirements 3-7, 3-11
LAN Management Solution (LMS), unsupported use 4-2
LiaisonServlet error, troubleshooting A-6
Product Authorization Key (PAK) 2-2
Security Manager kit part numbers 2-8
Software License Claim Certificate 2-2
updating 5-17
local upgrade path, definition of 5-5
log files A-18
client requirements 3-11
modify permissions 8-4
Network Access Restriction (NAR) 8-13
Cisco Secure ACS 8-10
CiscoWorks 8-6
activating NDG feature 8-19
associating with roles and user groups 8-27
configuring 8-18
creating 8-19
effect on user permissions 8-18
network operator role 8-6
client 3-10
overview 1-1, 2-1
pdshow command 7-2
pending data, committing 5-10
client recommendations 3-10
server best practices 4-1
server recommendations 3-4
logging into 6-12
overview 1-3
required user accounts 5-1
server requirements 3-4
uninstalling 5-19
updating licenses 5-17
upgrading 5-5
assigning roles in CiscoWorks 8-7
associating with user roles 8-11
categories 8-4
customizing for ACS 8-10
impact of NDGs 8-18
understanding 8-3
applying to a client 6-10
obtaining 5-18
disabling 6-5
disabling for Firefox 6-4
comprehensive list of required TCP/UDP A-2
configuring non-default HTTP/HTTPS 6-9
list of typically required 3-1
restarting server A-18
troubleshooting A-17
verifying 7-2
property files 5-10
remote desktop, using for installation 5-2
remote upgrade path, definition of 5-6
client 3-10
data and time settings 3-1, 4-3
general server 3-1
server 3-4
unsupported server configurations 3-4
Resource Manager Essentials (RME)
logging into 6-12
required user accounts 5-1
server requirements 3-4
uninstalling 5-19
updating licenses 5-17
upgrading 5-5
restorebackup.pl command 5-14
restore database 5-14
Cisco Secure ACS users 8-9
CiscoWorks users 8-6
Security 1-2
server best practices 4-1
security administrator role 8-10
committing pending data before upgrade 5-10
component applications 1-1
downgrading server 5-19
getting started with 7-8
installing 5-2
logging in using browser 6-12
logging in using client 6-10
overview 1-2
related applications 1-3
required changes after upgrade 5-15
required user accounts 5-1
restarting Daemon Manager 8-25
server requirements 3-4
service startup requirements A-1
troubleshooting interaction with ACS 8-28
uninstalling server 5-19
updating licenses 5-17
upgrading server 5-5
clearing server list in Login window A-15
configuring non-default HTTP/HTTPS port 6-9
determining HTTPS mode A-15
installing 6-6
locating client logs A-15
logging into 6-10
patching 6-10
resolving version mismatch A-15
running in dual-screen mode A-16
unable to upgrade 6-9
uninstalling 6-12
best practices for security 7-7
date and time settings 3-1, 4-3
general requirements 3-1
performance, best practices for enhancing 4-1
post installation tasks 7-1
preparation checklists 4-1
readiness checklist 4-3
requirements 3-4
security, best practices for enhancing 4-1
troubleshooting post-installation problems A-5
unsupported configurations 3-4
verifying processes 7-2
applying to a client 6-10
obtaining 5-18
services, minimum required for Windows 4-2
service startup requirements A-1
SMTP, configuring for ACS notifications 8-24
SSL certificate invalidation 4-3
storage, supported SAN 3-9
submit permissions 8-5
Sybase, requirement to disable 4-4
system administrator role 8-6
system identity user 8-15, 8-22
selecting as CiscoWorks AAA mode 8-23
using ACS as 8-12
comprehensive list of required ports A-2
list of typically required ports 3-1
Terminal Services, unsupported configuration 3-4
ACS configurations 8-28
antivirus scanners 4-2
client after installation A-13
client installation A-10
client installer says old version is installed when it is not A-13
collecting server troubleshooting information A-17
Cygwin prevents backup A-5
dual-screen setups A-16
client installation A-10
server installation A-4
server uninstallation A-8
host-based intrusion software 4-2
incorrect interface appearance A-5
installation does not run A-16
installation hangs A-5, A-12
invalid SSL certificate 4-3
java.security.cert errors 4-3
LiaisonServlet error A-6
mapped drives A-7
missing product features A-5
overview A-1, B-1
restarting server processes A-18
reviewing installation log files A-18
security software conflicts 4-2
server installation A-4
server problems after installation A-5
server processes A-17
server self-test A-16
server uninstall A-8
unable to upgrade client 6-9
uninstallation does not run A-16
uninstallation hangs A-9
typographical conventions in this document 2-x
comprehensive list of required ports A-2
list of typically required ports 3-1
recommendation to restart servers 5-19
Security Manager client 6-12
server applications 5-19
troubleshooting server A-8
upgrade, verifying 7-7
admin 5-1
casuser 5-1
creating 5-1
managing 8-1
System Identity 5-2
assigning roles in CiscoWorks 8-7
associating with user roles 8-11
categories 8-4
customizing for ACS 8-10
impact of NDGs 8-18
understanding 8-3
associating with user permissions 8-11
available CiscoWorks user roles 8-6
Cisco Secure ACS 8-9
CiscoWorks 8-6
default ACS roles 8-10
version mismatch, resolving A-15
view permissions 8-4
VMWare supported versions 3-7
VNC, using for installation 5-2
configuring required settings 6-1
logging into applications 6-12
supported 3-7, 3-11
Windows services, required 4-2