We are a new user with Prime and have a couple questions. It seems to be quite a power yet complex tool so figure we have a ways to go.
I have the system up and running and am able to do a discovery and pull the configs so it seems basic operation is there. I still need to work on the change logging stuff but figure I need to get Tacacs up and running as part of that. My question here is that I will also be implementing ISE and it to uses Tacacs or at least AAA for its operation. Is there anything I need to be aware of f getting both to work at the same time on the same device?
Secondly - Are there any recommendations or suggestions on the additional roles for users I might want to create. I already have a question from our security group requesting read access to the configs. They would like to use this tool to make sure the network devices are hardened agains a security standard but do not waht to accidently change something that will affect the network.
Thirdly - I am looking into getting Prime to backup configs as changes are made instead of simply on a periodic basis. I figure I need to integrate syslog or at least some type of trap to key on when an archive is needed. Would that also affect any external syslogging currently in place? i.e. logging to syslog server for regular daily device operation?
I am sure We will have more questions as we go so thanks in advance for teh assistance. Any recommendations on further documentation of fully setting up the system or recommendations on what needs to be setup on the system are appreciated.
Ideally there is no issues in Prime and ISE working together with devices simultaenously. These softwares, devices OS and Tacacs/AAA are designed for multitasking usually.
The kind of access in the Configs collected and saved from devices depends upon the user priviledges. You can give Help desk priviledges to those whom you dont want to be able to make any changes to device configs using Cisco Prime Infrastructure.
For easy management, make groups with custom access and privledges.
Is there anything anywhere that lists details for the task permssions? It looks like there are a lot of "options" under the catagories but nothing that really helps me know what each one allows. It looks like I have to modify a "user defined group and there is no way to create a new group unless I am just missing it.
Secondly any guides or samples anywhere on diffeent user groups such as a "helpdesk"? Looking mostly for examples of what others have created.
I just love it when a project priorities come and go. I am now back to working on the task lists above. Does anyone know where I might can find a configuration guide or documentation on creating user groups as in the secondary task above? The admin guide gives you steps for different pieces but I am looking for something to help me work through the process. They are now back to looking for a way to access the configurations in prime for various reasons but not be able to break anything on accident if they have full admin type rights. They also only want access to configurations and nothing else in prime if possible.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...