I have been recently engaged on assessing Cisco Security Manager and determining its capabilities and limitations in respect to our infrastructure.
Question: when using CSM to manage an IPS is there any way to manage the user accounts on the IPS? If so does it require a certain level of firmware or IDM version? (my current Test IPS is running 6.0)
Question: I have had difficulties deploying changes to the IPS as it would give me an error stating PG.IPS.IpsAllowedHosts and something along the lines of require at least one host stated including the CSM address. Pretty self explanatory however there were four statements listed not only through CSM but on the device itself. Has anyone encountered similar issues or have any suggestion as to what could be causing it?
Question: When setting up automatic IPS updates, is there a way to set notifications once it has completed the download? or has applied them? I know that changes that are made must go through the work-flow notification system, however we were considering using non-work-flow mode.
Question: I am aware that the individual devices are capable of sending their logs to log servers, but can Cisco Security Manager also send its logs/activities/events/notifications to another log server?
Any input, comments, and suggestions are greatly appreciated.
Thank you to all who read and/or respond