10-6
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 10 Managing the Security Manager Server
Managing a Cluster of Security Manager Servers
CiscoWorks Common Services Device Credential Repository (DCR), Cisco Security Monitoring,
Analysis and Response System (CS-MARS), or Security Manager, or you can open it and view it in
a spreadsheet or text editor program. The .dev file is suitable for importing into another Security
Manager server only. For more information, see Exporting the Device Inventory from the Security
Manager Client, page 10-6.
• Use the CSMgrDeviceExport Perl script—Using this Perl script, you can export the inventory
without starting the Security Manager client. You can direct the output to the screen or to a
comma-separated values (CSV) file. For more information, see Exporting the Device Inventory from
the Command Line, page 10-10.
Note Only the five most recent versions of each device configuration are exported.
Exporting the Device Inventory from the Security Manager Client
You can export the device inventory in a variety of formats. These are the main choices:
• Export as CSV (comma-separated values)—You can create a simple CSV file containing inventory
information in one of the following formats: CSM (for use with Cisco Security Manager), Device
Credential Repository (DCR, for CiscoWorks Common Services), and CS-MARS seed file (for use
with Cisco Security Monitoring, Analysis and Response System). You can open a CSV file in a
spreadsheet application or text editor, and use the file with any application that supports the format,
including other Security Manager servers. However, this format contains no policy information, so
if you use it with another Security Manager server, you must discover policies while adding the
devices.
–
For more information about the CSV formats, see Supported CSV Formats for Inventory
Import/Export, page 10-9.
–
For information on how to import devices from a CSV file, see Adding Devices from an
Inventory File, page 3-29.
• Export Devices, Policies, and Objects—Export the device inventory along with all device
properties, policies, and policy objects used by the device. Exported information includes the
following:
Note Importing of *.pol or *.dev files is only supported on the same version of Cisco Security
Manager as used when exporting those files. You cannot export from one version of Cisco
Security Manager and import on a server running a different version.
–
All local and shared policies assigned to the devices, including all policy objects used in the
policies and any device-level overrides for the objects. Shared policy assignments are
maintained.
–
Device properties and inventory.
–
Configuration Archive data for the devices.
–
History snapshots for the devices.
–
Device certificates.
–
IPS device license and certificate information. Applied signatures are not exported (when
importing the device, you must have the same signature package registered on the server). IPS
update settings are not included; you will have to recreate them after import.