Access rules policies in Cisco Security Manager

Unanswered Question
May 30th, 2007
User Badges:


We've started to deploy CSM 3.01 on our network (currently we have about 20 ASA's and this list is going to have about a 100 devices). The point is that we haven't used CSM's Policy View tab to develop our security policy - we've deployed our policy on each device through ASDM (or CLI). So now we have independent policy on each device (they are very similar but they are local to each device). CSM has an policy inheritance mechanism but the question is - how can we deploy one shared policy thorugh policy tab and retain local individual rules that were added later?

The problem is that CSM offers to deploy policy and then to add local rules but how can we make it reverse - i mean automatically add global policy to local rules and to delete rules that match in both policies?

I think that is rather "unclear" explanation of problem, but i'll try to answer any additional questions.

Regards, Amir

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion