3-53
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 3 Managing the Device Inventory
Working with the Device Inventory
Step 2 Share the local policies defined on the device:
a. Right-click the device in the Device selector, then select Share Device Policies. By default, all
policies configured on the device (local and shared) are selected for sharing in the Share Policies
wizard.
b. Deselect the check box next to each existing shared policy, as indicated by the hand in the policy
icon. You should do this because there is no need to create a copy of the shared policies that already
exist; you will reassign the existing shared policies after the image version upgrade.
c. Enter a name for the shared policies. We recommend using the device name as a convenient means
of identification. For example, if the device name is MyRouter, each shared policy is given the name
MyRouter. Make a note of all the policies you are creating for this purpose.
d. Click Finish. The selected local policies become shared policies.
Step 3 Delete the device from Security Manager.
Step 4 Make the desired change to the device, for example, upgrade the image version, change the operational
mode, or replace the device.
Step 5 Add the device back to Security Manager and perform policy discovery.
Step 6 Reassign the policies to the device:
a. Right-click the first policy type displayed in the Device Policies selector, then select Assign Shared
Policy.
b. In the Assign Shared Policy dialog box, do one of the following:
If a local policy was previously defined on the device, select the shared policy you created for
this procedure and click OK.
If a shared policy of this type was previously assigned to the device, select it and click OK.
c. (Local policies only) Right-click the policy type again in the Device Policies selector, then select
Unshare Policy.
d. Repeat the process for each policy type that is relevant to the device’s configuration. If a shared
policy is not available, this indicates that this is a policy type that was not available for the previous
image version.
Step 7 (Optional) Delete the shared policies created for this procedure from Policy view:
a. Select View > Policy View or click the Policy View icon on the toolbar.
b. Select one of the policies you want to delete and click the Assignments tab in the work area to verify
that the policy is not assigned to any devices.
c. Click the Delete Policy button beneath the Shared Policy selector to delete the policy.
d. Repeat the process for each policy type that you want to delete.
Showing Device Containment
You can display the service modules, security contexts, and virtual sensors that are contained in devices
that include them. Based on the type of device, you can view these contained elements:
Catalyst 6500 devices—The IDSM and FWSM service modules, security contexts, and virtual
sensors.