Техническое РуководствоСодержаниеCisco Security Manager 4.4 API Specification1(Version 1.1)1Version 1.0 Published: June 14, 20121Version 1.0 Revised: July 10, 2012 (added sample programs to Section 8)1Table of Contents2List of Figures4List of Tables81 Overview111.1 Scope111.2 Changes since previous version121.2.1 Unified Access Rules121.2.2 Security Policy Object121.2.3 Network object121.2.4 Return user/ticket that last modified a config rule.121.2.5 Add device status – up/down as part of the event service121.2.6 Exec command API call will be supporting custom timeouts.121.2.7 API enhancement to return list of all the shared Policies defined in CSM.121.2.8 Return the Device’s SysObjectID in the Device Object.131.2.9 CSM Audit Logs should differentiate between logins through API and CSM client.131.2.10 New Firewall Policies131.3 Audience131.4 References131.5 Glossary141.6 Conventions141.7 Overview of CSM Message Flows161.8 Licensing171.9 Prerequisites181.10 API Administration Settings181.11 Debug Settings192 Common Service API202.1 Object Model202.1.1 Object Identifier202.1.2 Base Object202.1.3 Device212.1.3.1 Interface232.1.3.2 Firewall Capabilities242.1.4 DeviceGroup242.1.5 Port Identifier252.1.6 BaseError262.2 Methods282.2.1 Common Request & Response282.2.1.1 Pagination282.2.2 Method login292.2.2.1 Request292.2.2.2 Response312.2.3 Method logout342.2.3.1 Request342.2.3.2 Response352.2.4 Method: ping352.2.4.1 Request362.2.4.2 Response363 CSM Configuration Service API383.1 Object Model383.1.1 Base Policy383.1.2 BasePolicyObject413.1.3 Policy Utility Classes433.1.4 PolicyObject Derived Classes453.1.4.1 NetworkPolicyObject453.1.4.2 IdentityUserGroupPolicyObject463.1.4.3 PortListPolicyObject483.1.4.4 ServicePolicyObject493.1.4.5 InterfaceRolePolicyObject513.1.4.6 TimeRangePolicyObject523.1.4.7 SLA Monitor Policy Object543.1.4.8 Standard ACE Policy Object563.1.4.9 Extended ACE Policy Object56Figure 35: ExtendedACEPolicyObject XML Schema573.1.4.10 ACL Policy Object583.1.4.11 SecurityGroupPolicyObject583.1.5 Policy Derived Classes603.1.5.1 DeviceAccessRuleFirewallPolicy603.1.5.1.1 Policy Config Device Response Example633.1.5.2 DeviceAccessRuleUnifiedFirewallPolicy663.1.5.3 DeviceStaticRoutingFirewallPolicy673.1.5.4 DeviceStaticRoutingRouterPolicy693.1.5.5 DeviceBGPRouterPolicy713.1.5.6 InterfaceNATRouterPolicy733.1.5.7 InterfaceNATStaticRulesRouterPolicy743.1.5.8 InterfaceNATDynamicRulesRouterPolicy773.1.5.9 DeviceNATTimeoutsRouterPolicy793.1.5.10 InterfaceNATAddressPoolFirewallPolicy813.1.5.11 DeviceNATTransOptionsFirewallPolicy823.1.5.12 InterfaceNATTransExemptionsFirewallPolicy833.1.5.13 InterfaceNATDynamicRulesFirewallPolicy853.1.5.14 InterfaceNATPolicyDynamicRulesFirewallPolicy873.1.5.15 InterfaceNATStaticRulesFirewallPolicy903.1.5.16 InterfaceNATManualFirewallPolicy933.1.5.17 InterfaceNAT64ManualFirewallPolicy983.1.5.18 InterfaceNATObjectFirewallPolicy993.1.5.19 InterfaceNAT64ObjectFirewallPolicy1023.2 Methods1033.2.1 Method GetServiceInfo1043.2.1.1 Request1043.2.1.2 Response1053.2.2 Method GetGroupList1063.2.2.1 Request1063.2.2.2 Response1073.2.3 Method GetDeviceListByCapability1103.2.3.1 Request1103.2.3.2 Response1113.2.4 Method GetDeviceListByGroup1133.2.4.1 Request1133.2.4.2 Response1143.2.5 Method GetDeviceConfigByGID1153.2.5.1 Request1153.2.5.2 Response1163.2.6 Method GetDeviceConfigByName1183.2.6.1 Request1183.2.6.2 Response1203.2.7 Method GetPolicyListByDeviceGID1213.2.7.1 Request1213.2.7.2 Response1233.2.8 Method GetPolicyConfigByName1243.2.8.1 Request1243.2.8.2 Response1263.2.9 Method GetPolicyConfigByDeviceGID1293.2.9.1 Request1293.2.9.2 Response1303.2.10 Method GetSharedPolicyNamesByType1303.2.10.1 REST Request:1303.2.10.2 Response Object:1324 CSM Events Service API1344.1 Methods1344.1.1 Method GetServiceInfo1344.1.2 Method EventSubcription1344.1.2.1 Request1344.1.2.2 Response1374.1.2.3 Syslog XML Event Notifications1404.1.2.4 Syslog PlainText Event Notifications1455 CSM Utility Service API1465.1 Object Model1465.2 Methods1465.2.1 Method GetServiceInfo1475.2.2 Method execDeviceReadOnlyCLICmds1485.2.2.1 Request1485.2.2.2 Response1506 API Scaling1537 CSM Client Protocol State Machine1547.1.1 Overview1547.1.2 Using the configuration and event service1568 Sample API Client Programs1588.1 CSM API pre-configuration checks1598.2 Login and ping test1628.3 Fetch CLI configuration of a firewall1658.4 Executing show access-list on a firewall device1698.5 Fetch CSM defined firewall policy1738.6 List shared policies assigned to all devices1768.7 List content of a given shared policy1828.8 Subscribing to change notifications – Deployment, OOB1869 Troubleshooting (Common Scenarios)19010 XML Schema19110.1 Common XSD19110.2 Config XSD19510.3 Event XSD21410.4 Utility XSD216Размер: 4,4 МБСтраницы: 217Язык: EnglishПросмотреть
Руководство По УстановкеСодержаниеIntroduction1Cisco Security Manager 4.12 Applications1Configuration Manager2Event Viewer2Report Manager2Health and Performance Monitor3Image Manager3Dashboard3CSM Mobile3Syslog Relay4Common Services 4.2.24Local RBAC Using Common Services4Auto Update Server 4.125Related Applications5Cisco Secure Access Control Server (ACS) 4.2.x5Cisco CNS Configuration Engine 3.5 and 3.5(1)5Minimum Hardware and Software Requirements6Virtual Machine Hardware and Software Requirements9Recommended Hardware and Software Specifications9VM Support by Operating System10Small Deployment with VMware ESXi 5.1U2 and VMware ESXi versions up to ESXi 6.010Small Enterprise Deployment13Small Deployment with Hyper-V and Windows Server 2012 R216Medium Enterprise Deployment with VMware ESXi 5.1U2 and VMware ESXi versions up to ESXi 6.018Medium Enterprise Deployment20Large Enterprise Deployment22Large Retail Deployment24Deployment Scenarios27Factors that Affect Application Performance29Single Server Installation30Multiple Servers Installation30Installation in VMware’s Virtual Machine Environment31High-Availability/Disaster Recovery32Installation Guidelines32Installable Modules32IP address, Hostname and DNS name32Client Deployment33Security Manager Server Tuning33Disk Defragmentation33Windows Operating System’s Swap-File size33Sybase Database Registry Parameters34Understanding Security Manager Licensing35Licensing Examples35Размер: 624,4 КБСтраницы: 36Язык: EnglishПросмотреть