Cisco Systems CL-28826-01 Security Camera User Manual


  Open as PDF
of 2616
 
11-15
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 11 Configuring Security Manager Administrative Settings
Deployment Page
Remove Unreferenced
Access-lists on Device
(IPv4 and IPv6 access rules.)
Whether to delete any access lists that are not being used by other CLI
commands managed by Security Manager from devices during
deployment.
Note After enabling this option, Security Manager will remove
access lists during deployment that are not used in any policies
managed or discovered by Security Manager. If any policy that
is NOT discovered or managed by Security Manager is using
such an access list, Security Manager will still attempt to delete
that object during deployment. This also applies to access lists
that are used in FlexConfigs but are not used in any other
policies managed by Security Manager.
Generate ACL Remarks
During Deployment
(IPv4 and IPv6 access rules.)
Whether to display ACL warning messages and remarks during
deployment.
Preserve Sections for Access
Rules
Whether to deploy the section name under which access rules are
organized. This option ensures that if a device is discovered or
rediscovered, the section names will not be lost.
Generate CSM Rule Number Whether to deploy the rule number used in the Cisco Security Manager
user interface. This option helps in correlating an access rule in a device
configuration to its position in rule table.
Object Group Parameters
Remove Unreferenced
Object Groups from Device
(PIX, ASA, FWSM, IOS
12.4(20)T+)
(IPv4 and IPv6 objects.)
Whether Security Manager should remove object groups that are not
being used by other CLI commands managed by Security Manager
from devices during deployment. Object groups include network/host,
service, and identity user groups.
Note After enabling this option, Security Manager will remove
objects during deployment that are not used in any policies
managed or discovered by Security Manager. If any policy that
is NOT discovered or managed by Security Manager is using
such an object, Security Manager will still attempt to delete that
object during deployment. In such cases, deployment will fail
with a transcript error indicating that it was unable to delete the
object.
Tip Network/host objects that include object NAT configurations
on ASA 8.3+ devices are never considered unreferenced.
Table 11-8 Deployment Page (Continued)
Element Description