Device policies that can be
assigned to a device profile are as follows:
Core file policy
Fault policy
Logging policy
SNMP policy
Syslog policy
DNS server, NTP server and domain names can be assigned as inline policies. A time zone setting can also be assigned to the profile.
When the system boots up, the fault, logging, SNMP, and syslog policies already have existing default policies. The default policies cannot be deleted but may be modified. A device profile uses name resolution to resolve policy assignments. For details, see Name Resolution in a Multitenancy Environment
Device policies capture the device level configuration objects that can be applied to one of more VSGs. The following policies created under root only, in the Device Policies area, will be visible in the VNMC profile:
Core file policy
Fault policy
Logging policy
Syslog policy
Policies created under root are visible to both the VNMC profile and the Device profile.
Device Profiles
Device profiles specify device configuration policies that are applied on a per device basis. You create and delete device profiles on the Device Policies tab.
You create device profiles for the Cisco VSG. Policies that reside at the current level
or higher are available for assignment to a profile. If an assigned policy does not exist, the default policy is automatically assigned.
Configuring Device Policies
Configuring Core Policy
Adding a Core File Policy for Device Profile
Procedure
Step 1
In the Navigation pane, click the Administration tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the Core File node where you want to add a core file policy.
Note
You can add the policy at any organizational level.
Step 5
In the Work pane, click Add Core File Policy.
Step 6
In the Add Core File Policy dialog box, complete the following fields:
Name
Description
Name field
A user-defined name for the core file policy.
This name can be between 1 and 511 alphanumeric characters. You cannot use spaces or any special characters, and you cannot change this name after the object has been created.
Description field
A user-defined description of the core file.
Admin State drop-down list
This can be:
enabled—Enables the core file policy. TFTP is used.
disabled—Disables the core file policy.
Hostname field
The hostname or IP address to connect using TFTP.
Note
If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.
Port field
The port number to use when exporting the core dump file using TFTP.
Protocol field
The protocol used to export the core dump file.
Path field
The path to use when storing the core dump file on the remote system.
The default path is /tftpboot. To mention a sub folder under tftpboot, use, for example, /tftpboot/test.
Step 7
Click
OK.
Editing a Core File Policy for Device Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the Core File node where you want to edit a core file policy.
Step 5
In the Work pane, click the core_file_policy_name you want to edit.
Step 6
In the Work pane, General tab area, modify the following fields as appropriate:
Name
Description
Name field
A user-defined name for the core file policy.
Description field
A user-defined description of the core file.
Admin State drop-down list
This can be:
enabled—Enables the core file policy. TFTP is used.
disabled—Disables the core file policy.
Hostname field
The hostname or IP address to connect using TFTP.
Note
If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.
Port field
The port number to use when exporting the core dump file using TFTP.
Protocol
Displays the protocol used to export the core dump file.
Path check box
The path to use when storing the core dump file on the remote system.
The default path is /tftpboot. To mention a sub folder under tftpboot, use, for example, /tftpboot/test.
Step 7
Click
OK.
Deleting a Core File Policy for Device Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the Core File node where you want to delete a core file policy.
Step 5
In the Work pane, click on the core_file_policy_name you want to delete.
Step 6
In the Work pane, click Delete.
Step 7
In the Confirm dialog box, click Yes.
Configuring Fault Policies
Adding a Fault Policy for Device Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the Fault node where you want to add a Fault policy.
Note
You can add the policy at any organizational level.
Step 5
In the Work pane, click the Add Fault Policy link.
Step 6
In the Add Fault Policy dialog box, complete the following fields:
Name
Description
Name field
A user-defined name for the fault policy.
This name can be between 1 and 32 identifier characters. You can use alphanumeric characters including hyphen, underscore, dot, and colon. You cannot change this name after it is saved.
Description field
A user-defined description of the fault policy.
Flapping Interval spinbox
Flapping occurs when a fault is raised and cleared several times
in rapid succession. To prevent this, the system does not allow a
fault to change its state until this amount of time has elapsed
since the last state change.
If the condition reoccurs during the flapping interval, the
fault returns to the active state. If the condition does not
reoccur during the flapping interval, the fault is cleared. What
happens at that point depends on the setting in the Clear Faults Retention Action field.
The number of hours, minutes, and seconds that should pass
before the system allows a fault to change its state.
The default flapping interval is 10 seconds.
Clear Faults Retention Action drop-down list
This can be:
retain—Retains the cleared
faults
section.
delete—The system immediately deletes all fault messages as soon as they
are marked as cleared.
Clear Faults Retention Interval radio-button
This can be:
forever—The system leaves all
cleared fault messages regardless of how
long they have been in the system.
other—The system displays the dd:hh:mm:ss
spinbox for selection of the number of days, hours, minutes, and seconds that should pass
before the system deletes a cleared fault message.
The default retention interval is 1 hour.
Step 7
Click
OK.
Editing a Fault Policy for Device Profile
Note
When the system boots up, a default policy already exists. The default policy cannot be deleted but may be modified.
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click and expand the Fault node where you want to edit the Fault policy.
Step 5
In the Work pane, click the Fault Policy_name you want to edit.
Step 6
In the Work pane, click the Edit link.
Step 7
In the Edit Fault Policy dialog box, edit the appropriate fields:
Name
Description
Name field
A user-defined name for the fault policy.
Description field
A user-defined description of the fault policy.
Flapping Interval spinbox
Flapping occurs when a fault is raised and cleared several times
in rapid succession. To prevent this, the system does not allow a
fault to change its state until this amount of time has elapsed
since the last state change.
If the condition reoccurs during the flapping interval, the
fault returns to the active state. If the condition does not
reoccur during the flapping interval, the fault is cleared. What
happens at that point depends on the setting in the Clear Faults Retention Action field.
The number of hours, minutes, and seconds that should pass
before the system allows a fault to change its state.
The default flapping interval is 10 seconds.
Clear Faults Retention Action drop-down list
This can be:
retain—Retains the cleared
faults
section.
delete—The system immediately deletes all fault messages as soon as they
are marked as cleared.
Clear Faults Retention Interval radio-button
This can be:
forever—The system leaves all
cleared fault messages regardless of how
long they have been in the system.
other—The system displays the dd:hh:mm:ss
spinbox for selection of the number of days, hours, minutes, and seconds that should pass
before the system deletes a cleared fault message.
The default retention interval is 1 hour.
Step 8
Click
OK.
Deleting a Fault Policy for Device Profile
Note
When the system boots up, a default policy already exists. The default policy cannot be deleted but may be modified.
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click and expand the Fault node where you want to delete the Fault policy.
Step 5
In the Work pane, click the Fault Policy_name you want to delete.
Step 6
In the Work pane, click the Delete link.
Step 7
In the Confirm dialog box, click OK.
Configuring Log File Policies
Adding a Logging Policy for Device Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand the root node.
Step 4
Click the Log File node where you want to add a logging policy.
Note
You can add the policy at any organizational level.
Step 5
In the Work pane, click the Add Logging Policy link.
Step 6
In the Add Logging Policy dialog box, complete the following fields:
Name
Description
Name field
A user-defined name for the logging policy.
This name can be between 1 and 32 identifier characters. You can use alphanumeric characters including hyphen, underscore, dot, and colon. You cannot change this name after it is saved.
Description field
A user-defined description of the logging policy.
Log Level drop-down list
The policy is logged upto or equal to the level based on this profile. This can be:
debug0
debug1
debug2
debug3
debug4
info
warn
minor
major
crit
The default log level is info.
Backup Files Count field
The number of backup files that are filled before they are overwritten.
The range is 1-9 files. The default is 2 files.
File Size (bytes) field
The backup file size.
The range is 1MB-100MB. The default file size is 5MB.
Step 7
Click
OK.
Editing a Logging Policy for Device Profile
Note
When the system boots up, a default policy already exists. The default policy cannot be deleted but may be modified.
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand the root node.
Step 4
Click and expand the Log File node where you want to edit the logging policy.
Step 5
In the Work pane, click the Logging Policy_name you want to edit.
Step 6
In the Edit Logging Policy dialog box, edit the appropriate fields:
Name
Description
Name field
A user-defined name for the logging policy.
Description field
A user-defined description of the logging policy.
Log Level drop-down list
The policy is logged upto or equal to the level based on this profile. This can be:
debug0
debug1
debug2
debug3
debug4
info
warn
minor
major
crit
The default log level is info.
Backup Files Count field
The number of backup files that are filled before they are overwritten.
The range is 1-9 files. The default is 2 files.
File Size (bytes) field
The backup file size.
The range is 1MB-100MB. The default file size is 5MB.
Step 7
Click
OK.
Deleting a Logging Policy for Device Profile
Note
When the system boots up, a default policy already exists. The default policy cannot be deleted but may be modified.
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand the root node.
Step 4
Click and expand the Log File node where you want to delete the logging policy.
Step 5
In the Work pane, click the Logging Policy_name you want to delete.
Step 6
In the Confirm dialog box, click
OK.
Configuring SNMP Policies
Adding an SNMP Policy
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the SNMP Policies node where you want to add an SNMP policy.
Note
You can add the policy at any organizational level.
Step 5
In the Work pane, click the Add SNMP link.
In the Add SNMP dialog box General tab area, complete the following fields:
Name
Description
Name field
A user-defined name for the SNMP policy.
This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters, and you cannot change this name after the object has been created.
Description field
A user-defined description of the SNMP policy.
Admin State drop-down list
The administrative state of the policy. This can be:
enabled—This is the default value.
disabled
Location field
The physical location for the device.
Contact field
The contact person for the device.
SNMP Port field
Specifies the port on which the SNMP agent is listening for requests.
In the Add SNMP dialog box Communities tab area, click the Add SNMP Community link, and complete the following fields:
Name
Description
Community field
The community name the system includes when it sends
the trap to the SNMP host. This must be the same community as you
configured for the SNMP service.
Role field
The role associated with the community string is read-only—This is the default value. Additional roles may be supported by specific SNMP agents.
In the Add SNMP dialog box Traps tab area, click the Add SNMP Trap link, and complete the following fields:
Name
Description
Hostname field
The IP address of the SNMP host to which the system should send the trap.
Port field
The port on which the SNMP Network Management System is listening for traps. The default port is 162.
Community field
The community name the system includes when it sends
the trap to the SNMP host. This must be the same community as you
configured for the SNMP service.
Click
OK.
Editing an SNMP Policy
Note
When the system boots up, a default policy already exists. The default policy cannot be deleted but may be modified.
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the SNMP Policies node where you want to edit an SNMP policy.
Step 5
In the Work pane, click the SNMP Policy_name you want to edit.
Step 6
Click the Edit link.
In the Edit SNMP dialog box General tab area, edit the appropriate information:
Name
Description
Name field
A user-defined name for the SNMP policy.
This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters, and you cannot change this name after the object has been created.
Description field
A user-defined description of the SNMP policy.
Admin State drop-down list
The administrative state of the policy. This can be:
enabled—This is the default value.
disabled
Location field
The physical location for the device.
Contact field
The contact person for the device.
SNMP Port field
Specifies the port on which the SNMP agent is listening for requests.
In the Edit SNMP dialog box Communities tab area, edit the appropriate information:
Name
Description
Community column
The community name the system includes when it sends
the trap to the SNMP host. This must be the same community as you
configured for the SNMP service.
Role column
The role associated with the community string is read-only—This is the default value. Additional roles may be supported by specific SNMP agents.
Note
Depending upon the object you select in the table, different options will appear in the area above the table.
In the Edit SNMP dialog box Trap tab area, edit the appropriate information:
Name
Description
Hostname field
The IP address of the SNMP host to which the system should send the trap.
Port field
The port on which the SNMP Network Management System is listening for traps. The default port is 162.
Community field
The community name the system includes when it sends
the trap to the SNMP host. This must be the same community as you
configured for the SNMP service.
Step 7
Click
OK.
Deleting an SNMP Policy
Note
When the system boots up, a default policy already exists. The default policy cannot be deleted but may be modified.
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click and expand the SNMP Policies node where you want to delete an SNMP policy.
Step 5
In the Work pane, click the SNMP Policy_name you want to delete.
Step 6
Click the Delete link.
Step 7
In the Confirm dialog box, click OK.
Adding an SNMP Trap Receiver
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the SNMP Policies > SNMP Policy_name where you want to add an SNMP trap.
Step 5
In the Work pane, Traps tab area, click the Add SNMP Trap link.
Step 6
In the Add SNMP Trap dialog box, complete the following fields:
Name
Description
Hostname field
The IP address of the SNMP host to which the system should send the trap.
Port field
The port on which the SNMP Network Management System is listening for traps. The default port is 162.
Community field
The community name the system includes when it sends
the trap to the SNMP host. This must be the same community as you
configured for the SNMP service.
Step 7
Click
OK.
Editing an SNMP Trap Receiver
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the SNMP Policies > SNMP Policy_name where you want to edit the SNMP trap.
Step 5
In the Work pane, Traps tab area, click the hostname to edit.
Step 6
Click the Edit link.
Step 7
In the Edit SNMP Trap dialog box, edit the appropriate fields:
Name
Description
Hostname field
The IP address of the SNMP host to which the system should send the trap.
Port field
The port on which the SNMP Network Management System is listening for traps. The default port is 162.
Community field
The community name the system includes when it sends
the trap to the SNMP host. This must be the same community as you
configured for the SNMP service.
Step 8
Click
OK.
Deleting an SNMP Trap Receiver
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the SNMP Policies > SNMP Policy_name where you want to delete the SNMP trap.
Step 5
In the Work pane, Traps tab area, click the hostname to delete.
Step 6
Click the Delete link.
Step 7
In the Confirm dialog box, click
OK.
Configuring Syslog Policies
Adding a Syslog Policy for Device Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the Syslog Policies node where you want to add a Syslog policy.
Note
You can add the policy at any organizational level.
Step 5
In the Work pane, click the Add Syslog link.
In the General tab area, complete the following fields:
Name
Description
Name field
A user-defined name for the syslog policy.
Description field
A user-defined description of the syslog policy.
Admin State drop-down list
This can be:
enabled
disabled
Note
Syslog policy is enabled if at least one syslog server is enabled. If all syslog server children are disabled, then this policy is disabled.
Port field
The TCP or UDP port where syslog messages should be sent.
In the Local Destinations tab area, complete the following fields in the Console area:
Name
Description
Admin State radio button
This can be:
enabled
disabled
Note
Syslog policy is enabled if at least one syslog server is enabled. If all syslog server children are disabled, then this policy is disabled.
Level radio button
If the
Admin State
is
enabled, select the lowest message level that you want displayed. The
system displays that level and above on the console.
This can be:
alerts
critical
emergencies
In the Local Destinations tab area, complete the following fields in the Monitor area:
Name
Description
Admin State radio button
This can be:
enabled
disabled
Note
Syslog policy is enabled if at least one syslog server is enabled. If all syslog server children are disabled, then this policy is disabled.
Level drop-down list
If the
Admin State
is
enabled, select the lowest message level that you want displayed. The
system displays that level and above on the console.
This can be:
emergencies (0)
alerts (1)
critical (2)
errors (3)
warnings (4)
notifications (5)
information (6)
debugging (7)
In the Local Destinations tab area, complete the following fields in the File area:
Name
Description
Admin State radio button
This can be:
enabled
disabled
Note
Syslog policy is enabled if at least one syslog server is enabled. If all syslog server children are disabled, then this policy is disabled.
Level drop-down list
If the
Admin State
is
enabled, select the lowest message level that you want displayed. The
system displays that level and above on the console.
This can be:
emergencies (0)
alerts (1)
critical (2)
errors (3)
warnings (4)
notifications (5)
information (6)
debugging (7)
File Name field
The name of the file in which the messages are logged.
Size (KB) field
The maximum size, in Kilobytes, the file can be before Cisco VNMC begins to write over the oldest messages with the newest ones.
Step 6
Click
OK.
Editing a Syslog Policy for Device Profile
Note
When the system boots up, a default policy already exists. The default policy cannot be deleted but may be modified.
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the Syslog Policies node where you want to edit a Syslog policy.
Step 5
In the Work pane, click the Syslog Policy_name you want to edit.
Step 6
Click the
Edit link.
Step 7
In the Edit Syslog dialog box, do the following:
In the General tab area, edit the appropriate fields:
Name
Description
Name field
A user-defined name for the syslog policy.
Description field
A user-defined description of the syslog policy.
Admin State drop-down list
This can be:
enabled
disabled
Note
Syslog policy is enabled if at least one syslog server is enabled. If all syslog server children are disabled, then this policy is disabled.
Port field
The TCP or UDP port where syslog messages should be sent.
In the Local Destinations tab area, edit the appropriate fields in the Console area:
Name
Description
Admin State radio button
This can be:
enabled
disabled
Note
Syslog policy is enabled if at least one syslog server is enabled. If all syslog server children are disabled, then this policy is disabled.
Level radio button
If the
Admin State
is
enabled, select the lowest message level that you want displayed. The
system displays that level and above on the console.
This can be:
alerts
critical
emergencies
In the Local Destinations tab area, edit the appropriate fields in the Monitor area:
Name
Description
Admin State radio button
This can be:
enabled
disabled
Note
Syslog policy is enabled if at least one syslog server is enabled. If all syslog server children are disabled, then this policy is disabled.
Level drop-down list
If the
Admin State
is
enabled, select the lowest message level that you want displayed. The
system displays that level and above on the console.
This can be:
emergencies (0)
alerts (1)
critical (2)
errors (3)
warnings (4)
notifications (5)
information (6)
debugging (7)
In the Local Destinations tab area, appropriate the fields in the File area:
Name
Description
Admin State radio button
This can be:
enabled
disabled
Note
Syslog policy is enabled if at least one syslog server is enabled. If all syslog server children are disabled, then this policy is disabled.
Level drop-down list
If the
Admin State
is
enabled, select the lowest message level that you want displayed. The
system displays that level and above on the console.
This can be:
emergencies (0)
alerts (1)
critical (2)
errors (3)
warnings (4)
notifications (5)
information (6)
debugging (7)
File Name field
The name of the file in which the messages are logged.
Size (KB) field
The maximum size, in Kilobytes, the file can be before Cisco VNMC begins to write over the oldest messages with the newest ones.
Step 8
Click
OK.
Deleting a Syslog Policy for Device Profile
Note
When the system boots up, a default policy already exists. The default policy cannot be deleted but may be modified.
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the Syslog Policies node where you want to delete a Syslog policy.
Step 5
In the Work pane, click the Syslog Policy_name you want to delete.
Step 6
Click the
Delete link.
Step 7
In the Confirm dialog box, click
OK.
Adding a Syslog Server for Device Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the Syslog Policies > Syslog Policy_name where you want to add a Syslog server.
Step 5
In the Work pane Servers tab area, click the Add Syslog Server link.
Step 6
In the Add Syslog Server dialog box, complete the following fields:
Name
Description
Server Type column
This can be:
primary
secondary
tertiary
Hostname column
The hostname or IP address on which the syslog file resides.
Admin State column
This can be:
enabled
disabled
Note
Syslog policy is enabled if at least one syslog server is enabled. If all syslog server children are disabled, then this policy is disabled.
Severity column
The severity level. This can be:
emergencies (0)
alerts (1)
critical (2)
errors (3)
warnings (4)
notifications (5)
information (6)
debugging (7)
Forwarding Facility column
This can be:
auth
authpriv
cron
daemon
ftp
kernel
local0
local1
local2
local3
local4
local5
local6
lpr
mail
news
syslog
user
uucp
Step 7
Click
OK.
Editing a Syslog Server for Device Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click the Syslog Policies node where you want to edit a Syslog server.
Step 5
In the Work pane, click the appropriate Syslog Policy_name.
Step 6
Click the
Edit link.
Step 7
In the Edit Syslog dialog box Servers tab area, edit the appropriate fields:
Name
Description
Server Type column
This can be:
primary
secondary
tertiary
Hostname column
The hostname or IP address on which the syslog file resides.
Admin State column
This can be:
enabled
disabled
Note
Syslog policy is enabled if at least one syslog server is enabled. If all syslog server children are disabled, then this policy is disabled.
Severity column
The severity level. This can be:
emergencies (0)
alerts (1)
critical (2)
errors (3)
warnings (4)
notifications (5)
information (6)
debugging (7)
Forwarding Facility column
This can be:
auth
authpriv
cron
daemon
ftp
kernel
local0
local1
local2
local3
local4
local5
local6
lpr
mail
news
syslog
user
uucp
Step 8
Click
OK.
Deleting a Syslog Server for Device Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Configuration > root.
Step 4
Click Syslog Policies > Syslog Policy_name where you want to delete a Syslog server.
Step 5
In the Work pane, click the appropriate server you want to delete.
Step 6
Click the
Delete link.
Step 7
In the Confirm dialog box, click
OK.
Configuring Device Profiles
Adding a Firewall Device Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Profile > root.
Step 4
Click a Profiles node where you want to add a firewall device profile.
Note
You can add the component at any organizational level.
Step 5
In the Work pane, click the Add Firewall Device Profile link.
Step 6
In the Add Firewall Device Profile dialog box, General tab area, complete the following fields:
Name
Description
Name field
A system-defined name for this profile.
Description field
A user-defined description of the profile.
Time Zone drop-down list
A list of time zones for user selection.
Step 7
In the Add Firewall Device Profile dialog box Policy tab area, do the following:
In the DNS Servers area, complete the following fields as appropriate:
Name
Description
Add DNS Server link
Opens a dialog box that allows you to specify a new DNS server.
Delete link
Deletes the DNS server IP address selected in the IP Address table.
Up and Down arrows
Changes the priority of the selected DNS Server IP address.
IP Address table
Contains the IP addresses for the DNS servers configured in the system.
VNMC uses the DNS servers in the order they appear in the table.
In the NTP Servers area, complete the following fields as appropriate:
Name
Description
Add NTP Server link
Opens a dialog box that allows you to specify a new NTP server.
Delete link
Deletes the NTP server hostname selected in the Hostname table.
Up and Down arrows
Changes the priority of the selected NTP Server hostname.
Hostname table
Contains the NTP server hostnames configured in the system.
VNMC uses the NTP server hostnames in the order they appear in the table.
In the DNS Domains area, complete the following fields as appropriate:
Name
Description
Add Domain link
Opens a dialog box that allows you to specify the DNS name and domain name.
Edit link
Edits the DNS domain name selected in the DNS Domains table.
The default DNS name cannot be edited.
Delete link
Deletes the DNS domain name selected in the DNS Domains table.
DNS Domains table
Contains the DNS domains names and domains configured in the system.
In the Log area, complete the following fields as appropriate:
Name
Description
SNMP area
The SNMP policies associated with this profile can be selected, added, or edited.
Syslog area
The syslog policies associated with this profile can be selected, added, or edited.
Fault area
The fault policy associated with this profile can be selected, added, or edited.
Core File area
The core file policy associated with this profile can be selected, added, or edited.
Policy Agent Log File area
The policy agent log file policy associated with this profile can be selected, added, or edited.
Policy Engine Logging radio button
This can be:
enabled
disabled
Click
OK.
Step 8
In the Add Firewall Device Profile dialog box, click
OK.
Editing a Firewall Device Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Profile > root.
Step 4
In the Work pane, click the Profiles > Profiles_name node where you want to edit a firewall device profile.
Step 5
In the Work pane, General tab area, change the following fields as appropriate:
Name
Description
Name field
A system-defined name for this profile.
Description field
A user-defined description of the profile.
Time Zone drop-down list
A list of time zones for user selection.
Step 6
In the Work pane Policy tab area, do the following:
In the DNS Servers area, change the following fields as appropriate:
Name
Description
Add DNS Server link
Opens a dialog box that allows you to specify a new DNS server.
Delete link
Deletes the DNS server IP address selected in the IP Address table.
Up and Down arrows
Changes the priority of the selected DNS Server IP address.
IP Address table
Contains the IP addresses for the DNS servers configured in the system.
VNMC uses the DNS servers in the order they appear in the table.
In the NTP Servers area, change the following fields as appropriate:
Name
Description
Add NTP Server link
Opens a dialog box that allows you to specify a new NTP server.
Delete link
Deletes the NTP server hostname selected in the Hostname table.
Up and Down arrows
Changes the priority of the selected NTP Server hostname.
Hostname table
Contains the NTP server hostnames configured in the system.
VNMC uses the NTP server hostnames in the order they appear in the table.
In the DNS Domains area, change the following fields as appropriate:
Name
Description
Add Domain link
Opens a dialog box that allows you to specify the DNS name and domain name.
Edit link
Edits the DNS domain name selected in the DNS Domains table.
The default DNS name cannot be edited.
Delete link
Deletes the DNS domain name selected in the DNS Domains table.
DNS Domains table
Contains the DNS domains names and domains configured in the system.
In the Log area, change the following fields as appropriate:
Name
Description
SNMP area
The SNMP policies associated with this profile can be selected, added, or edited.
Syslog area
The syslog policies associated with this profile can be selected, added, or edited.
Fault area
The fault policy associated with this profile can be selected, added, or edited.
Core File area
The core file policy associated with this profile can be selected, added, or edited.
Policy Agent Log File area
The policy agent log file policy associated with this profile can be selected, added, or edited.
Policy Engine Logging radio button
This can be:
enabled
disabled
Step 7
Click
OK.
Deleting a Firewall Device Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Device Policies subtab.
Step 3
In the Navigation pane, expand Device Profile > root.
Step 4
In the Work pane, expand the root node in the table, and click on the firewall device profile you want to delete.