Cisco Systems CL-28826-01 Changing Workflow Modes

1-26

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 1 Getting Started with Security Manager

Completing the Initial Security Manager Configuration

Changing Workflow Modes

You can change the workflow mode that Security Manager enforces if you have the appropriate

administrator permissions. Changing the workflow mode has significant effects on users. Before making

a change, be sure to understand the following:

•When you change the workflow mode, the change will take effect for all Security Manager users

working from the same server.

•Before you can change from Workflow mode to non-Workflow mode, all activities in editable states

(Edit, Edit Open, Submit, or Submit Open) must be approved or discarded, and all generated jobs

must be deployed, rejected, discarded, or aborted so that the locks on the devices can be released.

You do not have to do anything to jobs that are in the failed state.

•Before you can disable Ticket Management in non-Workflow mode, all tickets in editable states

(Edit or Edit Open) must be submitted or discarded.

•If you change from Workflow mode to non-Workflow mode and then restore an earlier version of

the database, Security Manager automatically changes to Workflow mode if the restored database

has any activities in an editable state (Edit, Edit Open, Submit, or Submit Open). Approve or delete

the editable activities, and then turn Workflow mode off again.

•When changing from non-Workflow mode to Workflow mode or enabling Ticket Management in

non-Workflow mode, current configuration sessions are listed as activities/tickets in the Edit_Open

state, and these activities/tickets must now be explicitly managed.

•When Ticket Management is enabled or disabled, any other users logged into Security Manager are

logged out.

For an explanation of workflow modes, see Workflow and Activities Overview, page 1-18.

Step 1 In Configuration Manager, select Tools > Security Manager Administration and select Workf low

from the table of contents to open the Workflow page (see Workflow Page, page 11-54).

Step 2 Configure the workflow mode settings in the Workflow Control group. If you select Enable Workflow

(to use Workflow mode), you can also select these options:

•Require Activity Approval—To enforce explicit approval of activities before policy changes are

committed to the database.

•Require Deployment Approval—To enforce explicit approval of deployment jobs before they can be

run.

Step 3 Configure the e-mail notification settings. These are the default e-mail addresses for the e-mail sender

(that is, Security Manager), the approvers, and another person or e-mail alias who should be notified

when deployment jobs are complete.

You also have the options to include the job deployer when sending notifications of job status, and to

require that e-mail notifications are sent for deployment job status changes.

Step 4 Click Save to save and apply changes.

Step 5 Select Work fl ow from the table of contents to open the Ticket Management page (see Ticket

Management Page, page 11-51).

Step 6 Configure the Ticket Management settings. If you select Enable Ticketing, you can also select these

options:

Note See Ticket Management Page, page 11-51 for detailed information on these fields.