69-24
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 69 Using External Monitoring, Troubleshooting, and Diagnostic Tools
Integrating CS-MARS and Security Manager
Configuring the Security Manager Server to Respond to CS-MARS Policy Queries
CS-MARS must be allowed access to the Security Manager server so that it can perform policy lookup
queries and obtain policy information.
If you are using Common Services AAA authentication on the server (for example, Cisco Secure
ACS), you must update the administrative access settings to ensure that CS-MARS has the necessary
client access to the Security Manager server.
Define a user account in Security Manager that CS-MARS can use to perform queries. A separate
account is recommended to provide a specific audit trail on the Security Manager server. This
account must be assigned one of the following Common Services roles:
Approver
Network Operator
Network Administrator
System Administrator
Users with the Help Desk security level can only view the policy look-up table in CS-MARS; that is,
they cannot cross-launch Security Manager to modify policies.
Note When you register a Security Manager server with CS-MARS, if you choose to prompt for Security
Manager credentials for policy table look-up, a separate CS-MARS account in Common Services for
authentication purposes might not be necessary.
For more information on adding users and associating roles with them in Common Services, see the User
Guide for CiscoWorks Common Services.
Related Topics
Registering CS-MARS Servers in Security Manager, page 69-24
Discovering or Changing the CS-MARS Controllers for a Device, page69-25
Registering CS-MARS Servers in Security Manager
As described in Checklist for Integrating CS-MARS with Security Manager, page69-23, you must
register your CS-MARS controllers with Security Manager to enable cross-communication between the
applications if you intend to use the applications together.
Then, when a user looks up events for a device, Security Manager identifies the CS-MARS controller
that is collecting events for that device. If more than one CS-MARS controller is collecting events for a
device, the user can select which to use. You can also specify the correct CS-MARS controller to use in
the Device Properties window for each device. (See Discovering or Changing the CS-MARS Controllers
for a Device, page 69-25 for more information.)
Note For information about the CS-MARS versions explicitly supported by Security Manager, see the Release
Notes for Cisco Security Manager for this version of the product. If you do try to use a version that is
not explicitly supported, you cannot use CS-MARS versions earlier than 4.3.4 or 5.3.4.
Step 1 Choose Tools > Security Manager Administration and select CS-MARS in the table of contents to
display the CS-MARS Page, page 11-4.