Table of Contents

A
B
C
D
E
F
G
H
I
M
N
P
R
S
T
W

index

A

Administrative Account panel

task

create an account   8-10

B

backup   8-13

C

checklist   7-2

define audit event rules   5-3

define Network Topology   2-3

define notification rules   5-12

define reports   5-28

generating and publishing command sets   7-2

getting started   1-1

checkpoints

specifying   8-2

Cisco Controlled Host Component

restarting   4-40

Cisco Secure Policy Manager   3-40

host   2-6, 3-40

tasks

create server   3-42

cloud   3-16

Internet   3-4

tasks

configure interface   3-18

create   3-16

define cloud network   3-20

Cloud node

example   2-1

command generation   2-9

approval process   1-12

content of   1-12

default publishing of   1-12

device-specific   1-12

generated by Cisco Secure Policy Manager   1-12

Save and Update   1-12

See also Command panel   1-12

support limitation   2-9

IOS interface commands   2-9

translation of   1-12

troubleshooting

view via Command Panel   1-12

Command panel

tasks

approve commands manually   7-27

configure IPSec bootstrap   7-25

entering epilogue commands   7-22

entering prologue commands   7-22

review generated command sets   7-20

specify command approval method   7-16

verify publishing status   7-29

customer service and support   xii

D

device-centric settings   4-1

global service settings   4-2

network interface settings   4-2

policy enablement settings   4-2

policy-specific settings   4-3

system maintenance settings   4-3

traffic flow settings   4-2

documentation

feedback   xv

latest version   xii

related   xii

E

epilogue commands   7-22

entering   7-22

Exported view   8-16

Export to File   8-16

F

File menu   8-18

G

getting started

tasks

assign policies in the Security Policy Enforcement Branch   1-11

define monitoring settings   1-8

define network topology   1-3

define policy abstracts   1-9

generate, verify, and publish command sets   1-12

organize network objects in Security Policy Enforcement Branch   1-9

H

host   3-45

tasks

add client/server product type   3-49

create   3-46

I

IKE IPSec Tunnel Templates   6-19

imported view   8-18

Import from File   8-18

Internet   3-4

IOS router   3-29

settings panels   4-10

IP range   3-43

IPSec   4-58

IPSec Tunnel Groups   6-25

add a hub   6-27

create a new   6-25, 6-30

IPSec Tunnel Template   6-17

create a new   6-17

M

MAPI

configuring   5-20

mapping rules   4-47

types   4-47

address hiding   4-47

path restriction   4-47

static translation   4-47

monitoring

audit event filtering rules   1-8

checklist   5-3

define audit event rules   5-3

Cisco Secure Policy Manager hosts   1-8

related functions

notifications   1-8

reporting   1-8

Syslog   1-8

N

network   3-12

network object groups   6-15

create   6-15

network service bundles   6-12

creating   6-12

network services

definition of   1-10

dependencies

port number   1-10

protocols   1-10

tools

network service bundles   1-10

Network Service Wizard   1-10

Service Library   1-10

network shortcut   3-14

Network Topology

checklist   2-3

Cloud example   2-1

dependencies

outside to inside definition   1-3

downstream   1-3

examples

network topology tree   1-5

single outermost gateway object   1-4

gateway object   1-4

key components   2-8

certificate authority servers   2-10

Cisco Secure Policy Manager servers   2-10

IOS Router/Firewall   2-9

ISP connections   2-8

PIX Firewall   2-9

policy enforcement points   2-9

syslog servers   2-11

modeling

map common objects   3-1

planning

worksheet   2-11

required objects

Cisco Secure Policy Manager hosts   1-7

list of   1-7

role in system

device-centric settings   4-1

top-down design   2-1

upstream   1-3

notifications

checklist   5-12

define notification rules   5-12

e-mail   5-20

pager   5-22

P

PIX Firewall   3-21

settings 1   4-4

policy abstracts

See security policy   1-9

Policy Builder   6-35

definition of   1-11

tasks

adding a node   6-35

change node type   6-37

specify destination condition   6-44, 6-47

specify service condition   6-41

specify source condition   6-38

Policy Database   4-34

backup   8-13

checkpointing   4-34

checkpoints   8-2

Key   4-34

key   4-39

log file   4-34

modifying IP address   4-35

modifying TCP port

restarting CHC   4-40

monitoring network sessions   4-35

network service   4-36

selecting   4-36

storage size   8-2

tasks

export key   4-40

modify IP address for sessions   4-35

restart   4-41

schedule checkpoint   8-2

specify port settings   4-38

specify service definition   4-36

TCP port for requests   4-37

Policy Database key

exporting   4-39

policy distribution point   4-20

tasks

toggle availability   4-21

policy enforcement   6-5

add a folder   6-6

add a network object   6-5

policy enforcement point   4-64

tasks

select policy distribution point   4-67

select policy monitor point   4-69

select target syslog servers   4-70

specify enable password   4-71

specify IP address settings   4-66

specify IPSec tunnel template   4-68

specify Telnet password   4-72

policy monitor point   4-22

Policy Report Point   4-28

Policy Reports panel   4-28

associated IP Address   4-29

associated network service   4-32

modifying associated IP Address   4-29

modifying TCP port   4-30

reporting agent   4-28

Policy Update

automatic   7-14

changing the default   7-14

default   7-14

manual   7-14

prologue commands   7-22

entering   7-22

protocol definitions   6-7

configuring   6-7

Protocol panel   6-21

modifying   6-21

R

reporting

checklist   5-28

define reports   5-28

reports

customizing

start page   4-33

router   3-36

tasks

create   3-36

specify interface settings   3-38

Routes panel   4-42

tasks

create a new rule   4-44

disable generation of derived routes   4-46

S

Save and Update

See command generation.   1-12

securing communications   4-39

security policy   6-1

abstracts   6-33

create a new   6-33

definition of   1-10

assignment   1-11

checklist   6-1

dependencies

custom network services   1-10

network services   1-10

tools

Policy Assignment   1-11

Policy Builder   1-10

understanding   6-1

Security Policy Enforcement Branch

dependencies

network objects   1-9

policy abstracts   1-9

Security Policy folders   1-9

order of objects   1-9

service and support   xii

Service Library

See network services.   1-10

T

TAPI

configuring   5-22

TCP port   4-37

modifying use by Policy Database   4-37

network service definition   4-37

restarting CHC   4-38

used by Policy Report Point   4-30

Technical Assistance Center

warranty or maintenance contract   xiv

traffic flow settings   4-2

tunnel groups   6-25

add a hub   6-27

create a new   6-25, 6-30

tunnel template   6-17

create a new   6-17

W

warranty   xiv

Windows Messaging   5-20

Posted: Thu May 25 13:04:38 PDT 2000
Copyright 1989 - 2000©Cisco Systems Inc.