CSA MC Component Sharing

 < Day Day Up > 

Every enterprise environment is different; thus, some enterprise deployments require more than one CSA MC server. In version 4.5, the CSA MC can handle up to 100,000 agents, but sometimes security policy, security administration, and geographic separation play a role in deploying an efficient architecture.

The CSA MC enables you to import and export CSA components between management servers. Items that can be imported and exported include all configuration settings applicable to that component. Components that can be migrated include the following:

  • Groups

  • Policies

  • Rule modules

  • Event sets

  • File sets

  • Network service sets

  • Registry sets

  • COM sets

  • Data sets

  • Network address sets

  • User state sets

  • System state sets

  • Query settings

  • Application classes

  • Reports

The Import/Export feature enables you to maintain consistent policy and configuration across multiple CSA MC servers. This ability speeds deployment and limits configuration error.

Exporting CSA MC Objects

To perform an export task, choose Maintenance > Export. Click New to create a new export job. A list of exportable objects displays, as in Figure 14-3. Before completing the exportation task, you must name the export job, provide a description, and choose all the objects you want to export by checking the associated check boxes. This export will also include referenced objects, such as various sets that may be included in other objects. After setting all parameters associated with the export, click the Export button at the bottom of the page. When prompted about whether you want to export, click Yes. The job proceeds as you watch the progress in the window. When the export finishes, you can click the Here link at the bottom of the processing page to download the file locally.

Figure 14-3. Sample Exportable Objects


NOTE

When naming an export job, do not include spaces, because this will also be the filename of the export. The file will be named NameProvided.export and will reside in the \csamc45\export directory.


The file exported is formatted as XML and can be opened for viewing, as shown in Figure 14-4. The options within the XML file differ per object type and should never be manually edited, because any error could produce instabilities in your enterprise production CSA MC server when imported.

Figure 14-4. Sample Export Job in XML


After completing the file export, you can manually move the file from the CSA MC server file location or return to the Export menu where the export job you created is now listed. By clicking this job, you are prompted to save or open the file locally via remote download. Figure 14-5 shows a sample exported file screen.

Figure 14-5. Sample Exported Job Listing


Importing CSA MC Objects

To perform an import task, choose Maintenance > Import. Click New to create a new import job. You must locate the locally accessible file on your system by clicking the Browse button. After locating the correct previously exported file, provide a name and description for this import. This particular screen should appear as in Figure 14-6. After entering all parameters, click Import.

Figure 14-6. Sample Import Page


Upon clicking the Import button, you can watch the progress of the import. When the import finishes, you will see Successfully Imported File filename displayed in bold letters at the bottom of the progress page. The import is not yet complete, however. You still need to click Generate Rules to commit the changes. Figure 14-7 shows a successfully imported file.

Figure 14-7. Successful Import of a File


You can also use the Import History page available as an option on the Import/Export menu to import configuration data. This page displays a historical account of everything that has been imported to this CSA MC server. You can consider this log an audit of imported data.

     < Day Day Up > 


    Cisco Security Agent
    Cisco Security Agent
    ISBN: 1587052059
    EAN: 2147483647
    Year: 2005
    Pages: 145
    Authors: Chad Sullivan

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net