Getting Started

In this section, we go through the login details for IDS MC via CiscoWorks and see how authorization roles in CiscoWorks allow for delegation of tasks .

You need to log in to the CiscoWorks server desktop to access the IDS MC. Launch a browser and enter the IP address of the CiscoWorks server with a port number of 1741. If you're logging into the machine where CiscoWorks is installed, enter http://127.0.0.1:1741 in the browser address field. Enter the default username and password of admin and admin .

The default username/password combination for CiscoWorks is admin, admin .

CiscoWorks Authorization Roles

The user authentication roles within CiscoWorks allow you to delegate different responsibilities to your junior administrators who log in to the IDS MC. IDS MC uses the following user authorization roles:

• Help Desk Read-only for the entire system.

• Approver Read-only for the entire system; includes approval privileges for configuration changes.

• Network Operator Generates reports and deploys configurations; read-only for all other system functions.

• Network Administrator Privileges to edit devices and device groups; read-only for the rest of the system.

• Systems Administrator Performs all functions.

You can assign users multiple authorization roles.

CiscoWorks Add User

After logging in to the CiscoWorks server desktop, navigate to Server Configuration, Setup, Security, Add Users, to produce the Add User page shown in Figure 14.3.

At the Add User page, enter values for the settings in Table 14.3.

Table 14.3. CiscoWorks Add User Settings

After you fill in the values for the settings in the Add User page, check the check boxes for the roles that your new user will fulfill and then click the Add button to add the new user.

Launching IDS MC

Now that you've added some users through CiscoWorks, you want to launch the IDS MC application. You see on the far-left side a drawer for the VPN Security Management Solution. Click on this drawer to expand the set of folders.

After you click on IDS Sensors within the Management Center folder, a security alert appears. Click Yes to launch the Security Monitor in a new browser window.

Understanding the IDS MC Interface

The IDS MC interface is very much like the interface of the IDS Device Manager (IDM) on each individual sensor and the Security Monitor for VMS. Figure 14.4 shows the main features of the IDS MC interface.

You can see from Figure 14.4 that the IDS MC has five tab sheets: Devices, Configuration, Deployment, Reports, and Admin. Each of the five tab sheets offers options on the Option Bar beneath the tab sheet label. Each option displays its own list of choices in the Table of Contents (TOC) list on the left side of the page. As you would expect, the contents of the TOC list depend on the tab and option that you navigate to; this path appears in the path bar.

Typically, action buttons relevant to the current tab sheet and selected option appear at the bottom of the page. These buttons are for actions such as add, edit, next , enable, cancel, and so on. On the far-right side of the page, you see the instructions that explain the functions on the page. Finally, at the upper-right of the page are Close, Help, and About tools, with links to close the IDS MC application, access online help, or read the contents of the About page.

You've already seen some functionality of the Cisco IDS MC in the signature, sensing, and blocking configuration tasks covered in Chapters 9, 10, and 11. All of these tasks were completed in the Configuration tab sheet. In the following sections, we go through the remaining key functions for the Devices, Configuration, and Deployment tab sheets.