1-26
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 1 Getting Started with Security Manager
Completing the Initial Security Manager Configuration
Changing Workflow Modes
You can change the workflow mode that Security Manager enforces if you have the appropriate
administrator permissions. Changing the workflow mode has significant effects on users. Before making
a change, be sure to understand the following:
When you change the workflow mode, the change will take effect for all Security Manager users
working from the same server.
Before you can change from Workflow mode to non-Workflow mode, all activities in editable states
(Edit, Edit Open, Submit, or Submit Open) must be approved or discarded, and all generated jobs
must be deployed, rejected, discarded, or aborted so that the locks on the devices can be released.
You do not have to do anything to jobs that are in the failed state.
Before you can disable Ticket Management in non-Workflow mode, all tickets in editable states
(Edit or Edit Open) must be submitted or discarded.
If you change from Workflow mode to non-Workflow mode and then restore an earlier version of
the database, Security Manager automatically changes to Workflow mode if the restored database
has any activities in an editable state (Edit, Edit Open, Submit, or Submit Open). Approve or delete
the editable activities, and then turn Workflow mode off again.
When changing from non-Workflow mode to Workflow mode or enabling Ticket Management in
non-Workflow mode, current configuration sessions are listed as activities/tickets in the Edit_Open
state, and these activities/tickets must now be explicitly managed.
When Ticket Management is enabled or disabled, any other users logged into Security Manager are
logged out.
For an explanation of workflow modes, see Workflow and Activities Overview, page 1-18.
Step 1 In Configuration Manager, select Tools > Security Manager Administration and select Workf low
from the table of contents to open the Workflow page (see Workflow Page, page 11-54).
Step 2 Configure the workflow mode settings in the Workflow Control group. If you select Enable Workflow
(to use Workflow mode), you can also select these options:
Require Activity Approval—To enforce explicit approval of activities before policy changes are
committed to the database.
Require Deployment Approval—To enforce explicit approval of deployment jobs before they can be
run.
Step 3 Configure the e-mail notification settings. These are the default e-mail addresses for the e-mail sender
(that is, Security Manager), the approvers, and another person or e-mail alias who should be notified
when deployment jobs are complete.
You also have the options to include the job deployer when sending notifications of job status, and to
require that e-mail notifications are sent for deployment job status changes.
Step 4 Click Save to save and apply changes.
Step 5 Select Work fl ow from the table of contents to open the Ticket Management page (see Ticket
Management Page, page 11-51).
Step 6 Configure the Ticket Management settings. If you select Enable Ticketing, you can also select these
options:
Note See Ticket Management Page, page 11-51 for detailed information on these fields.