Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
627
Views
5
Helpful
3
Replies

editing CSA agent kit

infinitingr2
Level 2
Level 2

‎07-07-2004 05:16 PM - edited ‎03-09-2019 07:59 AM

As anyone ever edited a CSA agent kit post deployment? I tried editing an agent kit, gave it the same name as the previously deployed agent kit, but CSA prevented the creation of a duplicate kit. How do you edit an agent kit post deployment.

Thanks.

Ade

Labels:
0 Helpful
3 Replies 3

pcomeaux
Cisco Employee
Cisco Employee

‎07-07-2004 05:43 PM

Hi Ade -

My experience has been that Agent Kits cannot be edited to change the settings after it is created.

There's only a few settings though:

- Name of Kit

- Silent Install

- Network Shim Install

- Reboot Automatically

- Default Group Association(s) (Hosts can be reassigned post-install)

I would suggest deleting the existing agent kit and creating a new one with the same name if you want to change any of the other parameters.

Hope this helps,

peter

0 Helpful

infinitingr2
Level 2
Level 2
In response to pcomeaux

‎07-08-2004 10:10 AM

Thanks Peter. What I want to do (and I am sure u know it) is to edit the policy within the agent kit that I have alerady deployed. I would try what you suggested, but here are my new discoveries on how to edit the "agent kit."

In light of recent experience, the phrase "edit the agent kit" is misleading because it focuses attention on the kit whereas the goal is to "edit the policy within the agent kit."

I don't see a substantial need for editing the agent kit's name as opposed to editing the policy which the agent kit enforces on the host. For others who just might need to change the policy after deployment here are some of the steps I have found useful.

1. From Mgt Ctr for CSA, click on Monitor / status summary

2. Click on the hosts that are currently running an agent kit.

3. From the hosts list select the host running the agent kit whose policy u wish to edit

4. From here, u can modify the host's group membership, and a number of other "edit" related issues. For instance, you could scroll down the page and modify any of the "combined policy rules"

5. If you do modify anything, note that you must "SAVE" (this button would be to the bottom left side of the page and would become visible the moment u click on any of the rules). Then the moment u "SAVE" the "generate rules" (to the bottom right hand side of the page) would beging to blink indicating that you need to click on generate rules. Once u click on the "generate rule" you would be returned to the previous page containing the list of "combined rules."

6. On this page, you would see the "number of rules changes pending" and the word "generate" both on the bottom end of the page.

7. To apply the chnages, click on "generate."

The above steps would enable editing the policy after deployment. But it applies to only one machine at a time.

What if the goal is to totally change the policy on a particular group.

Here is what I have found useful.

1. create the agent kit and the group you wish to attach the kit to.

2. From Mgt Ctr for CSA, click on Monitor / status summary

3. Click on the hosts that are currently running an agent kit.

4. From the hosts list select the host running the agent kit whose policy u wish to edit or just any host.

5. From here, u can modify the host's group membership, or assign the hostto the new group you have created in step 1. Make sure that the host does NOT belong to the previous group.

Follow the save / generate / generate procedure.

Hope someone finds this useful. I have benefited a lot from what others have written on this forum.

Thanks to you all & to Peter for his postings.

Ade

pcomeaux
Cisco Employee
Cisco Employee
In response to infinitingr2

‎07-08-2004 07:20 PM

Excellent information, Ade.

Sorry I misunderstood what you were asking.

Tuning the rules applied to a Group is a very important step in using CSA.

I typically need to write 6 to 12 rules when working with customers to handle the uniqueness in their environment to ensure CSA does not block the Administrative functions that exists.

Here's some other tips I've learned during these installs:

1. Change the rules that come with the system as little as possible.

2. Whatever changes you make, whether it is a new group, policy module, application class or variable, preprend the item with something unique.

For example, if the install is for company XYZ, and a new application class is needed to Trend Micro AV applications, I would create an Application Class called "XYZ - Trend Micro Executables".

3. Clone the groups with the same uniqueness strategy in mind. For example, if you plan to use "default desktops", "default remote laptops", "default servers", I usually clone these groups as in above to "XYZ - default desktops". "XYZ - default remote laptops", and "XYZ - default servers" Doing this permits you to return to the original groups very easily.

4. If you do step 3, it is best to create new agent kits associated to these new groups.

5. I usually create the following additional policy modules to handle ALL rule changes to be done for this install:

XYZ - Global Exceptions Module ---> applies to all groups

XYZ - Default Desktop Exeception Module

XYZ - Default Remote Laptop Exception Module

XYZ - Default Server Exception Module

Doing so provides an easy way to apply rules specifically to one group or all groups. This also eases troubleshooting when you call TAC for help or ask for help in other means by saying "Everything is default, except for these modules I have created."

6. Be sure to use "Event Sets" to clean up the Events Database as you continue to tune the CSA rules.

Hope this too is helpful.

thanks

peter

0 Helpful
Customers Also Viewed These Support Documents