3-34
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 3 Managing the Device Inventory
Working with the Device Inventory
Working with the Device Inventory
The following topics describe tasks related to managing the device inventory.
Adding, Editing, or Deleting Auto Update Servers or Configuration Engines, page3-35
Adding or Changing Interface Modules, page 3-39
Viewing or Changing Device Properties, page3-39
Platform Settings Whether to discover the platform settings, which are also called
platform-specific policy domains. Platform-specific policy domains
exist on firewall devices and Cisco IOS routers. These domains contain
policies that configure features that are specific to the selected
platform. For more information, see Service Policies vs.
Platform-Specific Policies, page 5-2.
Firewall Policies Whether to discover firewall policies, which are also called firewall
services. Firewall services include policies such as access rules,
inspection rules, AAA rules, web filter rules, and transparent rules. For
details see, Chapter 12, “Introduction to Firewall Services”
IPS Policies Whether to discover IPS policies such as signatures and virtual sensors.
For more information, see Overview of IPS Configuration, page35-5 or
Overview of Cisco IOS IPS Configuration, page44-3.
RA VPN Policies Whether to discover IPSec and SSL remote access VPN policies such
as IKE proposals and IPsec proposals. This option is disabled if the
device does not support remote access VPN configuration. For more
information, see Chapter 29, “Managing Remote Access VPNs: The
Basics”.
Discover Policies for
Security Contexts
For devices running in multiple-context mode, where more than one
security context is defined on the device, whether to discover those
security contexts.
Tran spo rt
The transport settings determine the method Security Manager will use to contact the device. Each
device type has a default method, but you can select your preferred transport method. The device must
be configured to respond to the method you select. If you are not performing device discovery, the
device is not contacted.
Protocol The protocol Security Manager should use when connecting to the
device.
Server For devices that use them, the name of the Auto Update Server (AUS)
or Configuration Engine server the device uses to obtain configuration
updates. The server must already be defined in Security Manager, or
you must select the server from the import list, to import devices that
use these servers.
Device Identity For devices that use servers, the string value that uniquely identifies the
device in the Auto Update Server or the Configuration Engine.
Table3-7 New Device Wizard, Device Information Page When Adding Devices from Inventory
Files (Continued)
Element Description