Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CSA : Do CSA keep the allowed events with exported policies.

I've created a server Group on a CSA-MC.

There are 2 sites, and all events on the first CSA (1st Site) will be the same on the second Site. Because the applications on each server are the same. Only the IP address change. (redundancy)

First, the group is in learning mode, and there is no policy defined.

So all event are allowed.

Question :

After the learning mode, I want to export the group and import this group in the second site.

Do CSA keep all allowed events that have been discovered in the 1st Site.

Best regards.

Antra

  • Intrusion Prevention Systems/IDS
3 REPLIES
Anonymous
N/A

Re: CSA : Do CSA keep the allowed events with exported policies.

The Export utility exports entire rule modules and policies (not individual rules), including the accompanying application classes and configuration variables. Because of communication channels established in the original configuration, some site-specific imported configuration information (IP addresses) may not work on another server. Exporting an item will also export related data. In particular, exporting policies will export application classes and configuration variables referenced in rules within the policy. Exporting a group will export associated policies but not hosts. The Export/Import functions are not intended to be used as a backup/restore mechanism as they do not preserve system specific information such as group-host memberships

New Member

Re: CSA : Do CSA keep the allowed events with exported policies.

Hi,

if I export group, then the added policies, during learning mode, will be exported with it?

Best regards

New Member

Re: CSA : Do CSA keep the allowed events with exported policies.

Antra,

If you are exporting an object that contains your new rules (i.e. the exception policy) then these rules will be exported. You can actually run a test by doing the export and then searching the export file for a rule you created (the rule number is of the form id="123")

Thanks,

Josh

126
Views
0
Helpful
3
Replies
This widget could not be displayed.