Техническая Инструкция для Cisco Cisco Security Manager 4.1
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Managing a Cluster of Cisco Security
Manager 4.1 Servers
Manager 4.1 Servers
First Published: March 2011
Abstract
Cisco Security Manager enables enterprises to manage and scale security operations efficiently and
accurately. Security Manager integrates a powerful suite of capabilities including policy and object
management, event management, reporting, and troubleshooting that are essential to maintaining
security posture in today’s ever changing threat environment. Cisco Security Manager supports a range
of security solutions, including Cisco ASA 5500 Series Adaptive Security Appliances, Cisco IPS 4200
Series Sensor Appliances, and the Cisco AnyConnect Secure Mobility Client.
accurately. Security Manager integrates a powerful suite of capabilities including policy and object
management, event management, reporting, and troubleshooting that are essential to maintaining
security posture in today’s ever changing threat environment. Cisco Security Manager supports a range
of security solutions, including Cisco ASA 5500 Series Adaptive Security Appliances, Cisco IPS 4200
Series Sensor Appliances, and the Cisco AnyConnect Secure Mobility Client.
A Security Manager server cluster is two or more Security Manager servers used to manage a network.
Typically, you want to maintain some relationship between the servers. Although there is no systematic
relationship between the servers in the cluster, Cisco Security Manager 4.1 introduces import/export
features that you can use to copy shared policies, or devices plus their assigned policies, between
Security Manager servers.
Typically, you want to maintain some relationship between the servers. Although there is no systematic
relationship between the servers in the cluster, Cisco Security Manager 4.1 introduces import/export
features that you can use to copy shared policies, or devices plus their assigned policies, between
Security Manager servers.
Unlike previous Security Manager device import/export features, the new device import/export feature
includes all of the policies, policy objects, and shared policies assigned to the exported devices. Thus,
when importing the devices, you are also importing all of the policies, which preserves the work you
have done to create and assign local and shared policies. Device rediscovery is not needed.
includes all of the policies, policy objects, and shared policies assigned to the exported devices. Thus,
when importing the devices, you are also importing all of the policies, which preserves the work you
have done to create and assign local and shared policies. Device rediscovery is not needed.
The shared policy import/export feature allows you to export shared policies, whether they are assigned
to a device or not, and import them into another Security Manager server. Thus, you can designate a
single Security Manager server as the master policy server, configure the shared policies on that server,
and export them to your other Security Manager servers. Device assignments for the shared policies are
not altered by the import, so that newly imported policies are automatically applied to the devices to
which they are assigned on the server.
to a device or not, and import them into another Security Manager server. Thus, you can designate a
single Security Manager server as the master policy server, configure the shared policies on that server,
and export them to your other Security Manager servers. Device assignments for the shared policies are
not altered by the import, so that newly imported policies are automatically applied to the devices to
which they are assigned on the server.
Although there is no programmatic relationship among Security Manager servers, these features allow
you to treat multiple servers as if they were a coordinated cluster managing a single network.
you to treat multiple servers as if they were a coordinated cluster managing a single network.