Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
475
Views
0
Helpful
2
Replies

CSM (Cisco Security Manager) automated policy discovery

andy.taylor
Level 1
Level 1

‎06-01-2009 01:53 AM - edited ‎03-09-2019 10:20 PM

Hi,

Does anybody know if it possible to automate a policy discovery on a group of objects?

Essentially I have two CSM servers running in seperate locations, one primary and one secondary and want the secondary to do an automated policy discovery on a number of ASAs to keep the secondary database/policies up to date.

I can't find any obvious way to do this.

All the best,

Andy

Labels:
0 Helpful
2 Replies 2

Farrukh Haroon
VIP Alumni
VIP Alumni

‎06-01-2009 05:49 AM

I don't see much benefit in the method you are using. Even CSM will complain that OOB changes have occurred for the device.

CSM supports HA using the VCS software:

http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/3.1/high_availability/guide/hamaint.html

Regards

Farrukh

0 Helpful

andy.taylor
Level 1
Level 1
In response to Farrukh Haroon

‎06-01-2009 06:09 AM

Farruk,

Many thanks for the link.

Requirements:

To install Security Manager in a dual-node HA environment, you need two servers that can access a shared storage array.

Unfortunately this is not an option for the current setup, which is why I am having to revert to a active/active type setup.

The secondary CSM will be happy if it does a policy discovery. It's just a matter of finding out how to get this automated discovery on a regular basis.

All the best,

Andy

0 Helpful
Customers Also Viewed These Support Documents