Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CSM (Cisco Security Manager) automated policy discovery

Hi,

Does anybody know if it possible to automate a policy discovery on a group of objects?

Essentially I have two CSM servers running in seperate locations, one primary and one secondary and want the secondary to do an automated policy discovery on a number of ASAs to keep the secondary database/policies up to date.

I can't find any obvious way to do this.

All the best,

Andy

2 REPLIES

Re: CSM (Cisco Security Manager) automated policy discovery

I don't see much benefit in the method you are using. Even CSM will complain that OOB changes have occurred for the device.

CSM supports HA using the VCS software:

http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/3.1/high_availability/guide/hamaint.html

Regards

Farrukh

New Member

Re: CSM (Cisco Security Manager) automated policy discovery

Farruk,

Many thanks for the link.

Requirements:

To install Security Manager in a dual-node HA environment, you need two servers that can access a shared storage array.

Unfortunately this is not an option for the current setup, which is why I am having to revert to a active/active type setup.

The secondary CSM will be happy if it does a policy discovery. It's just a matter of finding out how to get this automated discovery on a regular basis.

All the best,

Andy

224
Views
0
Helpful
2
Replies