Filter
Top Products
10-8
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 10 Managing the Security Manager Server
Managing a Cluster of Security Manager Servers
• When selecting security contexts or virtual sensors, be sure to select the host device as well. Also,
if a device is part of a VPN, ensure that you select all devices in the VPN when exporting devices,
policies, and policy objects.
• When selecting IPS or IOS IPS devices, make sure that you have already applied an IPS signature
update to the device. Although you can export an IPS or IOS IPS device with the base sensor
package (Sig0), you will not be able to import it. The import error will be “missing Sig0 package.”
• When you select the following types of device that are contained in another device, the hosting
device is also automatically exported: any module in a Catalyst 6500/7600, an AIM or NME module
in a router. You can separately export ASA devices and their IPS modules.
• You cannot export devices with their policies (.dev format) while an activity or configuration session
is being approved. All approvals must be complete before you can export devices with policies. In
Workflow mode with an approver, contact the approver and ask that the approval be completed in a
timely manner. In non-Workflow mode, or Workflow mode without an approver, wait a few minutes
before retrying the export, because approvals happen automatically when changes are submitted.
• While you are exporting devices with their policies (.dev format), policy changes cannot be
approved. Once the export file has been created, and the command finishes, users can again approve
policy changes. In non-Workflow mode, or Workflow mode without an approver, this means that
submissions are not allowed during the export process.
• To export devices, policies, and policy objects, you must have Modify Policy and Modify Object
privileges to the policy and object types, and Modify Device privileges. These privileges can be
assigned for separate policies, objects, and devices when using ACS for authorization control.
Having system administrator, network administrator, or security administrator privileges provide the
required privileges.
When exporting devices to CSV, you need Modify Devices privileges only.
Related Topics
• Filtering Items in Selectors, page 1-42
• Selecting or Specifying a File or Directory in Security Manager, page 1-47
• Customize Desktop Page, page 11-6
Step 1 In Device view, select File > Export > Devices to open the Export Inventory dialog box.
Step 2 Select either Export as CSV or Export Devices, Policies, and Objects. These options are described
above.
Step 3 Select the devices that you want to include in the export file and click >> to add them to the Selected
Devices list. You can select a folder to select all devices in the folder.
The list from which you choose contains only those devices to which you have Modify Device
permissions.
Note If your Security Manager database contains a large number of devices or a large number of
policies or policy objects, you should limit the number of devices you export at one time to
prevent errors. For more information, see Export Size Limitations above.
Step 4 Click Browse to select the folder in which to create the export file and to enter a name for the file. For
File Type, select the type of file that you want to create; this selection is critical when creating a CSV
file, whereas there is a single option when creating a .dev file.