Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
278
Views
5
Helpful
0
Comments

Traffic Redirection tab not visible in PRSM single device mode

Anim Saxena
Level 1
Level 1

‎06-23-2014 08:52 AM - edited ‎03-08-2019 06:55 PM

 

Introduction

This document describes an issue faced by an user while implementing PRSM (Cisco Prime Security Manager).

Problem

User is using a 5515-X in single device mode.  Software is  version 9.2.1.2-69. He noticed a couple of anomolities whch he is not sure as desired behaviour of the device.  When he go to the configuration overview tab PRSM shows mode of the ASA CX as "unknown".  Also the User Guide says "Engineer"  should see a "traffic redirection" tab under configuration policies/settings but user don't see that.

Prerequisites

  • ASA 5515
  • IOS v9.2
  • ASDM
  • ASA-CX

Solution

What is PRSM( Cisco Prime Security Manager)?

Cisco Prime Security Manager enables the admin to control a centralized, simple, and scalable tool to manage Cisco ASA 5500-X Series Next-Generation Firewalls.
 
This tool also provides feature of "Context-aware"  for granualur usage:
  • Application Visibility and Control (AVC)
  • Web Security Essentials (WSE)
  • Intrusion Prevention Systems (IPS)
so that the admin can enable new use cases without compromising security.
 
Cisco Prime Security Manager helps in delivering:
  • Provides excellent visibility for end-to-end network intelligence
  • The ability to write and enforce the granular security policies
  • A consistent management interface for single- and multi-device management
  • An efficient way to manage core ASA functions including stateful firewall and Network Address Translation (NAT) together with Next-Generation Firewall Service 
 
Network Visibility:
  • Gain a comprehensive understanding of the traffic flows throughout the network. Top-level reports summarize traffic patterns related to users, applications, devices, and other contextual elements. Cisco Prime Security Manager also provides access to granular logs and information about the health and performance of security devices.
 
Granular Application, User, and Device Control:
  • Write and enforce granular policies based on a comprehensive set of contextual elements, including:
    • Applications, micro-applications, and application behavior
    • User and group identity
    • Device and operating system
    • Device location
    • Threat profiles

Solution

If you're running single device mode (on-box PRSM) you cannot manage the ASA configuration like you can with the off-box PRSM. Note this section of the user guide which states:

User Guide

"Traffic Redirection—(ASA, Multiple Device mode only.) Configure traffic redirection from the ASA to its CX module." 

Source Discussion

Labels:
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents