3-19
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 3 Managing the Device Inventory
Adding Devices to the Device Inventory
IPS Module Discovery Dialog Box
Use the IPS Module Discovery dialog box to add the credentials required to log into an IPS module, such
as an AIM-IPS or NME, on a router you are adding to the inventory.
Navigation Path
After you discover policies on a router chassis that contains an IPS module, you are asked if you want
to discover its modules. If you click Yes, this dialog box appears. You can perform policy discovery
using any of these methods:
• When adding a device from the network. See Adding Devices from the Network, page 3-11.
• When adding devices from an inventory file. See Adding Devices from an Inventory File, page 3-29.
Connect to FWSM How Security Manager should access the FWSM:
• Directly—Connect to the FWSM using its management IP address.
This is the recommended approach. It is the required method if you
are connecting to a failover device; otherwise, Security Manager
might connect to a standby FWSM after a failover.
• via Chassis—Connect to the FWSM through the chassis. This
method has the restriction that there should be fewer than 20
security contexts defined on the FWSM. Security Manager
connects to the Catalyst device through SSH and then to the FWSM
through the session command. The number of concurrent SSH
sessions is limited on a Catalyst device, with a default of 5. Policy
discovery uses one SSH session for each security context, so a
large number of contexts might lead to connection failures. If you
select Directly, Security Manager connects to the FWSM through
SSL, which has a greater concurrent session limit.
Management IP The management IP address for the service module.
For FWSMs, this field is not available if you select via Chassis for the
connection method.
Username The user name for the service module.
For FWSMs running in multiple-context mode, a footnote explains
which context’s username and password to enter, either the system or
the admin context. If you are connecting to a multiple-context mode
device through the switch chassis, you must configure the same
username and password for both the system execution space and the
admin context, and specify those credentials in this dialog box.
Note User names be at least four characters. Passwords can be three
to 32 characters; we recommend that passwords be at least eight
characters.
Password The User EXEC mode password for the service module. In the Confirm
field, enter the password again.
Enable Password
(FWSM only)
The Privileged EXEC mode password for the service module. In the
Confirm field, enter the password again.
Table 3-3 Service Module Credentials Dialog Box (Continued)
Element Description