Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
2398
Views
5
Helpful
0
Comments

Cisco Security Manager removes the access-lists that are not in use on PIX/ASA

TCC_2
Level 10
Level 10

‎06-22-2009 05:36 PM - edited ‎03-08-2019 06:26 PM

What is CSM?

CSM is an enterprise class device management solution for managing Cisco security devices like ASA, IPS, IOS devices and VPN gateways. CSM is full of features designed to make life easier for administrators that work with lots of Cisco security devices and want a central management and troubleshooting solution. CSM offers policy-based management so you can create configuration policies once and then share them between multiple devices. For example you can setup a global AAA policy or access policy and then add in all your routers and ASA's so they inherit from that policy. Now when you need to make a change you just change the global policy and all the attached devices get updated. CSM also has configuration archiving and rollback, workflow, RBAC, and ACL optimization features. All of this is wrapped up in a slick GUI interface that can make previously tedious tasks go away.

Core issue

In this issue, the Cisco Security Manager (CSM) removes the access-list and object groups if they are not in use on the PIX/ASA.

Resolution

In order to keep the access-list that is not in use on the device, choose Tools > Security Manager Administration > deployment. Uncheck the remove unreference access-lists on device check box . This option is enabled by default.

Refer to the Policy Discovery section of FAQs and Troubleshooting Guide for Cisco Security Manager for more information.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents