Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

how to convert CSPM 3.1 database for VMS 2.2 usage ?

We need to migrate from CSPM to VMS FW MC (since CSPM will not be supported anymore soon);

As we have hundreds of networks and services objects names in CSPM and samething for the access rules, it would be nice if they can be converted in a format accessible by FW MC ;

as the minimum, does anybody at CISCO or elsewhere has a utility (even a basic one) that can allow to extract CSPM object names and place them in a text or CSV file ;

in CSPM, there is a function (in Report index, Policy Query) to list the rules in a text or CSV file, which can be rewritten to be imported in FW MC;

but, I don't find any function to do such thing with the CSPM objects names

If I import, into FW MC, the PIX config file ,as built by CSPM, I loose, of course, all the objects and rules names, so, I get the thousands of rules in FW MC config, which is rather unusable for the PIX guies

Of course, we could rewrite all the objects and all the rules manually into FW MC, but this is rather long and besides, this can generate many typo errors

Thanks in advance

1 REPLY
Community Member

Re: how to convert CSPM 3.1 database for VMS 2.2 usage ?

Dear Madam / Sir,

I would like to get in personal contact with you regarding this NetPro question. There is nothing officially available today that will allow you to preserve the naming and grouping concepts. However we might be able to use some internally available tools to make this easier..

There are a few options in Firewall Management version 1.2 and even more to come in FWMC 1.3 that allow you to make your configuration more understable after doing a import from the device directly into the FWMC product. One of which is the feature called 'Object Group Discovery'. This allows you to dynamically find objects/services that could be taken together to reduce the size of the config. Also these newly created Object Groups could be named properly to better reflect there purpose. Also the 'nested' search options in FWMC will allow you to quickly identify and rename your rules/objects.

I hope this helps and please respond to this answer so I can get some more information.

Utmost kind regards,

Erik Lenten

Technical Marketing Engineer

Enterprise Security Management

elenten@cisco.com

128
Views
0
Helpful
1
Replies
CreatePlease to create content