|
Table Of Contents
Setting Up the CiscoWorks2000 Server
Installing Client Application Manager
Setting Up the CiscoWorks2000 Server
The CiscoWorks2000 Server includes tools required to properly set up the server to support other CiscoWorks2000 applications. These features include:
•Installing Client Application Manager
Setting Up User Accounts
Several CiscoWorks2000 network management and application management operations are potentially disruptive to either the network or to the applications themselves and must be protected.
To prevent such operations from being used accidentally or maliciously, CiscoWorks2000 uses a multilevel security system that only allows access to certain features to users who can authenticate themselves at the appropriate level.
CiscoWorks2000 provides two predefined login IDs, but you create additional unique login IDs for users at your company:
•guest (no password required, user role = Help Desk)
•admin (password = admin, user role = super user)
Note The login named admin is the equivalent of the superuser login for CiscoWorks2000. This login provides access to all CiscoWorks2000 tasks.
CautionWhen the system is installed initially, admin is the default password. To prevent all users from accessing privileged applications, change the password for admin immediately after installation. The guest login has no password. If you require passwords, add a guest password.
Understanding Security Levels
System administrators determine user security levels when they are granted access to CiscoWorks2000. When users are granted logins to the CiscoWorks2000 application, they are assigned one or more roles. The user role or combination of roles dictates which CiscoWorks2000 applications are presented to the user on the navigation tree. shows available security levels.
Table 3-1 Security Levels
Level Description0
Help Desk
1
Approver
2
Network Operator
4
Network Administrator
8
System Administrator
To see which security levels are allowed to use the CiscoWorks2000 applications, run the CiscoWorks2000 Server > Setup > Security > Permissions Report.
Performing Security Tasks
Users can perform some tasks for their own accounts, but most security tasks require system administrator role privileges. When performing these security tasks (see ), consider the following:
•CiscoWorks2000 cannot recover forgotten passwords. A system administrator-level user must either change the password or delete and then add the user again.
•The username admin is reserved and cannot be deleted.
•If the administrator has changed and forgotten the admin password, contact your Cisco technical representative.
Installing Client Application Manager
You can improve the performance of some CiscoWorks2000 applications by downloading and installing server files on your local machine. Whenever a client browser connects to a CiscoWorks2000 Server, you can choose to install Client Application Manager (CAM).
You can install CAM by selecting CiscoWorks2000 Server > Setup > Client Manager Admin or choosing to install when the CAM dialog box appears after accessing a CiscoWorks2000 application that uses CAM.
If the CAM dialog box appears after you make a selection from the navigation tree, you can choose not to install CAM. Click on the check box to not show the message again and click No. If you do not select the check box, the CAM dialog box will appear each time you select an application that supports client-side installed files.
Configuring the ANI Server
Some CiscoWorks2000 applications require the Asynchronous Network Interface (ANI) Server to automatically discover network devices. If your application does not use or require the ANI Server, it is not available in the navigation tree.
For applications that require the ANI Server, it is critical that you set up your network and the ANI Server to ensure that the network is properly discovered.
Setting Up Your Network
The table (see ) provides an overview of the tasks required to ensure that ANI properly discovers your network. Detailed information and instructions are available in the ANI Server Admin online help.
To perform these tasks, use the Command Line Interface (CLI) of the network devices in your network. Refer to the command reference guides for specific devices to obtain instructions about performing these tasks.
Setting Up the ANI Server
The ANI Server automatically discovers devices in your network at a defined interval. To do this, the ANI Server must have access to your network devices a discovery starting point.
You provide ANI access to your network devices by ensuring that the community strings on your devices are known to the ANI Server. The ANI Server uses your specified seed device (or a set of seed devices) to initiate discovery. See for a description of these and other tasks you can perform with the ANI Server.
.