35-24
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 35 Getting Started with IPS Configuration
Configuring the External Product Interface
Agents that reside on and protect network hosts.
A management console, which is an application that manages agents. It downloads security policy
updates to agents and uploads operational information from agents.
Before You Begin
Add the external product as an allowed host so that Security Manager allows the sensor to communicate
with the external product. For more information, see Identifying Allowed Hosts, page35-7.
Step 1 Do one of the following to open the External Product Interface policy:
(Device view) Select Platform > Device Admin > Server Access > External Product Interface
from the Policy selector.
(Policy view) Select IPS > Platform > Device Admin > Server Access > External Product
Interface, then select an existing policy or create a new one.
The Management Center for Cisco Security Agents tab shows any existing definitions, including the
IP address (or network/host object), URL, and port of the external application, the username and
password used to log into it, and whether the connection is enabled. The interface type is always
Extended SDEE.
Step 2 Do one of the following:
To add a server, click the Add Row (+) button. This opens the External Product Interface dialog box.
Enter the information required to identify the server and configure the posture ACLs. For detailed
information on the settings, see External Product Interface Dialog Box, page 35-24.
You can add at most two servers.
To edit a server, select it and click the Edit Row (pencil) button and make the required changes in
the External Product Interface dialog box.
To delete a server, select it and click the Delete Row (trash can) button.
External Product Interface Dialog Box
Use the Add or Edit External Product Interface dialog box to add or modify interfaces between
Management Center for Cisco Security Agents (CSA MC) and the IPS device and the related posture
ACLs.
Navigation Path
From the External Product Interface IPS platform policy, click Add Row or select an entry and click
Edit Row. For information on opening the External Product Interface policy, see Configuring the
External Product Interface, page 35-23.
Field Reference
Table35-6 External Product Interface Dialog Box
Element Description
External Product’s IP
Address
The IP address, or the network/host policy object that contains the
address, of the external product. Enter the IP address or object name, or
click Select to select an object from a list or to create a new one.