Cisco Security Manager removes the access-lists that are not in use on PIX/ASA

Document

Jun 22, 2009 5:36 PM
Jun 22nd, 2009

What is CSM?

CSM is an enterprise class device management solution for managing Cisco security devices like ASA, IPS, IOS devices and VPN gateways. CSM is full of features designed to make life easier for administrators that work with lots of Cisco security devices and want a central management and troubleshooting solution. CSM offers policy-based management so you can create configuration policies once and then share them between multiple devices. For example you can setup a global AAA policy or access policy and then add in all your routers and ASA's so they inherit from that policy. Now when you need to make a change you just change the global policy and all the attached devices get updated. CSM also has configuration archiving and rollback, workflow, RBAC, and ACL optimization features. All of this is wrapped up in a slick GUI interface that can make previously tedious tasks go away.

Core issue

In this issue, the Cisco Security Manager (CSM) removes the access-list and object groups if they are not in use on the PIX/ASA.

Resolution

In order to keep the access-list that is not in use on the device, choose Tools > Security Manager Administration > deployment. Uncheck the remove unreference access-lists on device check box . This option is enabled by default.

Refer to the Policy Discovery section of FAQs and Troubleshooting Guide for Cisco Security Manager for more information.

Average Rating: 0 (0 ratings)

Actions

Login or Register to take actions

This Document

Posted June 22, 2009 at 5:36 PM
Stats:
Comments:0 Avg. Rating:0
Views:1817 Contributors:0
Shares:0

Related Content

Documents Leaderboard