Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
224
Views
0
Helpful
1
Replies

Access rules policies in Cisco Security Manager

uralsib
Level 1
Level 1

‎05-30-2007 08:36 PM - edited ‎03-09-2019 06:05 PM

Hello!

We've started to deploy CSM 3.01 on our network (currently we have about 20 ASA's and this list is going to have about a 100 devices). The point is that we haven't used CSM's Policy View tab to develop our security policy - we've deployed our policy on each device through ASDM (or CLI). So now we have independent policy on each device (they are very similar but they are local to each device). CSM has an policy inheritance mechanism but the question is - how can we deploy one shared policy thorugh policy tab and retain local individual rules that were added later?

The problem is that CSM offers to deploy policy and then to add local rules but how can we make it reverse - i mean automatically add global policy to local rules and to delete rules that match in both policies?

I think that is rather "unclear" explanation of problem, but i'll try to answer any additional questions.

Regards, Amir

Labels:
0 Helpful
1 Reply 1

Not applicable

‎06-05-2007 05:01 PM

Yes that could be done but only for certain Objects as an example Text objects can be overriden by Induvidul apolicies. Refer URL

http://cisco.com/en/US/products/ps6498/products_user_guide_chapter09186a00805ac23c.html#wp1199068

0 Helpful
Customers Also Viewed These Support Documents