Cisco Cisco Content Security Management Appliance M160 Guía Del Usuario
14-44
AsyncOS 8.1 for Cisco Content Security Management User Guide
Chapter 14 Common Administrative Tasks
•
You can download the existing configuration file to view the entire configuration for an appliance
quickly. (Many newer browsers include the ability to render XML files directly.) This may help you
troubleshoot minor errors (like typographic errors) that may exist in the current configuration.
quickly. (Many newer browsers include the ability to render XML files directly.) This may help you
troubleshoot minor errors (like typographic errors) that may exist in the current configuration.
•
You can download an existing configuration file, make changes to it, and upload it to the same
appliance. This, in effect, “bypasses” both the CLI and the GUI for making configuration changes.
appliance. This, in effect, “bypasses” both the CLI and the GUI for making configuration changes.
•
You can upload an entire configuration file through FTP, or you can paste portions of a configuration
file directly into the CLI.
file directly into the CLI.
•
Because the file is in XML format, an associated document type definition (DTD) that describes all
of the XML entities in the configuration file is also provided. You can download the DTD to validate
an XML configuration file before uploading it. (XML validation tools are readily available on the
Internet.)
of the XML entities in the configuration file is also provided. You can download the DTD to validate
an XML configuration file before uploading it. (XML validation tools are readily available on the
Internet.)
Managing Multiple Appliances with XML Configuration Files
Warning
If you want to import a configuration file from one Security Management appliance into another
Security Management appliance:
Security Management appliance:
Everything in the original configuration, including the IP Address, is included in the configuration file.
Either edit the configuration file to change the IP address, or be sure the original Security
Management appliance is offline.
Either edit the configuration file to change the IP address, or be sure the original Security
Management appliance is offline.
Also, be aware that the SSH authentication connection will terminate. When this happens, you will
need to re-establish the connection for all connected Web Security appliances and Email Security
appliances.
need to re-establish the connection for all connected Web Security appliances and Email Security
appliances.
•
You can download an existing configuration file from one appliance, make changes to it, and upload
it to a different appliance. This lets you manage an installation of multiple appliances more easily.
However, you cannot load configuration files from Email Security appliances onto a Security
Management appliance.
it to a different appliance. This lets you manage an installation of multiple appliances more easily.
However, you cannot load configuration files from Email Security appliances onto a Security
Management appliance.
•
You can divide an existing configuration file downloaded from one appliance into multiple
subsections. You can modify those sections that are common among all appliances (in a multiple
appliance environment) and load them onto other appliances as the subsections are updated.
subsections. You can modify those sections that are common among all appliances (in a multiple
appliance environment) and load them onto other appliances as the subsections are updated.
For example, you could use an appliance in a test environment for testing the Global Unsubscribe
command. When you feel that you have configured the Global Unsubscribe list appropriately, you
could then load the Global Unsubscribe configuration section from the test appliance to all of your
production appliances.
command. When you feel that you have configured the Global Unsubscribe list appropriately, you
could then load the Global Unsubscribe configuration section from the test appliance to all of your
production appliances.
Managing Configuration Files
To manage configuration files on your appliance, choose Management Appliance > System
Administration > Configuration File.
Administration > Configuration File.
The Configuration File page contains the following sections:
•
Current Configuration: used to save and export the current configuration file
•
Load Configuration: used to load a complete or partial configuration file
•
End-User Safelist/Blocklist Database (Cisco IronPort Spam Quarantine): used to manage the
safelist/blocklist database
safelist/blocklist database