|
|
This appendix provides discussions and procedures for working with Cisco Secure Policy Manager, including the following sections:
To log on to Cisco Secure Policy Manager, you must access the Log on to Cisco Secure Policy Manager dialog box and submit the appropriate information. When you log on, you are in essence connecting to the policy database on the Policy Server host. On a standalone system, this connection is a local one, but on a distributed or client-server system, this connection is local only if you are logging on using the Policy Server host.
To log on to Cisco Secure Policy Manager, perform the following task:
Step 2 To submit the proper administrative account information, type the username and password in the respective boxes under Policy Manager Authorization in the Log on to Cisco Secure Policy Manager dialog box.
a. To open the Services applet, click Start, point to Settings and then Control Panel, and double-click Services.
b. To access the Cisco Controlled Host Component, select Cisco Controlled Host Component in the Service list and then click Startup.
c. To submit the correct password, click This Account in the Log On As dialog box and then type the correct user name and password.
d. To accept the changes and close the panel, click OK.
Step 3 To connect to the primary database when logging on from the Policy Server, click Local under Policy Database Server. To connect to the primary database when logging on from a secondary host, click Remote Server, and then type the IP address or DNS name in the box (you do not have to specify the port number unless it is different from the default value of 2567). Then, click Connect.
Result: A connection is made with the primary database, and Policy Administrator opens.
The Cisco Secure Policy Manager demo installs the files necessary to explore the user interface without installing a fully functional system. You cannot distribute commands or generate reports using the Cisco Secure Policy Manager demo. The procedures in this section describe the installation process for the demo.
To install the Cisco Secure Policy Manager demo, perform the following task:
Result: The Autostart panel appears.
Step 2 To begin setup of the demo, select Install Demo in the Options box, and then click Next.
Result: The Welcome panel appears.
Step 3 To continue with the demo setup, click Next on the Welcome panel after reading the displayed information.
Result: The Choose Destination Location panel appears.
Step 4 To specify an installation folder other than the default, click Browse. Otherwise, click Next.
Result: The Start Copying Files panel appears.
Step 5 To accept the settings for demo installation and copy the files to the target host, click Next, or click Back to go to a previous panel.
Result: The demo files are copied to the target host, after which the Setup Complete panel appears.
Step 6 To complete the demo installation process, click Finish.
Result: The installation process is complete. You can now open the demo from the program group shortcut menu by accessing the Cisco Secure Policy Manager Demo shortcut found in the Start\Programs\Cisco Systems\Cisco Secure Policy Manager Demo\ folder.
At some point, you may experience a situation that demands either an upgrade, a reinstallation, or an uninstallation of some or all of your Cisco Secure Policy Manager system. For instance, if we issue a patch that fixes known bugs within the system, you will probably want to upgrade your system with that patch. Additionally, a suspected corrupt file may necessitate a reinstallation of the existing version of the system.
Regardless of the situation, you have access to two methods of performing these tasks, depending on what task you are trying to perform and on what host (the primary host or a secondary host) you are working. The local maintenance method enables you to perform these tasks for the local host on which you are working, while Installation Manager enables you to reinstall or uninstall any feature set installed on a secondary host (from any other primary or secondary host). The following two sections describe each method and when to use it.
This section includes the following topics:
When you are working on a particular host on which you have installed a standalone system or one of its distributed feature sets, you can perform an upgrade, reinstallation, or uninstallation that affects only that local host. This functionality is built into the setup program.
You can initiate one of these local procedures by inserting the source disc into the CD-ROM drive (or by double-clicking the executable file), after which the Autostart program begins and performs a check on both the source disc and the installed system. It then displays the possible tasks that you can perform. For example, if you purchase a new upgraded version of Cisco Secure Policy Manager and insert the source CD-ROM into the drive, the Autostart program detects the newer version on the source disc and prompts you to upgrade whatever is installed on the local system.
 |
Note If you are performing local maintenance on the primary host (on which the Policy Server is installed) of a distributed system, you must also go to each individual secondary host and perform the same task. |
The only way to upgrade, reinstall, or uninstall the Policy Server is by using this local maintenance method while logged on to the primary host. You cannot use Installation Manager to perform any of these tasks remotely for the Policy Server. The next section explains what you can do with Installation Manager.
Installation Manager is a utility that enables you to perform a remote reinstallation or uninstallation for any distributed feature set installed on a secondary host (Policy Proxy, Policy Monitor, Policy Proxy-Monitor, and Policy Administrator). You cannot use this utility to perform any of these tasks remotely for the Policy Server, which requires the local maintenance method as described in the preceding section. The next section explains how to access the Installation Manager utility.
To access Installation Manager from the program group, perform the following task:
Result: The shortcut menu for the Cisco Secure Policy Manager program group appears.
Step 2 Click Installation Manager on the shortcut menu.
Result: Installation Manager opens, displaying the Advanced Options panel.
To access Installation Manager from the Autostart panel:
Result: The Autostart panel appears.
Step 2 To start Installation Manager, click Advanced in the Autostart panel.
Result: Installation Manager opens, displaying the Advanced Options panel.
|
Note The Advanced button is disabled until you install the requisite software, including the required Windows NT Service Pack and HTML Help update. |
To upgrade using the local maintenance method, perform the following task:
Result: The Autostart panel appears, and the What Do I Need To Do? box explains the results of the system check.
Step 2 To continue with the upgrade process, select Install Product in the Options box. To proceed to the next panel, click Next.
Result: The License Disk panel appears when you upgrade between major versions.
Step 3 To specify the location of the Cisco Secure Policy Manager license disk, type the directory path in the Location box, or click Browse to find the correct path. Then type the corresponding password in the Password box. To proceed to the next panel, click Next.
Result: The Backup Folder panel appears.
Step 4 To specify the location in which to store the backup file of your current system, type a valid directory path in the Backup Folder box. To proceed to the next panel, click Next.
Result: A file containing your current system data is stored in the location that you specify. You can use this backup file to restore the system to the exact configuration at the time the backup was created. After you click Next, the Verify Settings panel appears.
Step 5 To verify the settings that you chose before copying files, use the scroll bar on the right side of the window. Review all settings carefully before clicking Copy Files.
Result: The system or feature set on the local host is upgraded to the newer version.
You can use the local maintenance method or Installation Manager to reinstall your system. However, there are distinct differences between the methods that make one method more practical, depending on what feature set you are reinstalling and on which host. Installation Manager allows you to remotely reinstall any feature set, except the Policy Server. The local maintenance method enables you to locally reinstall any feature set. When using the local maintenance method to reinstall a secondary host, you have the option of keeping the existing data stored in the secondary database, or synchronizing it with the data stored in the primary database on the Policy Server host. When using Installation Manager to reinstall a secondary host, the binary files are reinstalled, but the database is not.
To reinstall using the local maintenance method, perform the following task:
Result: The Autostart panel appears, and the What Do I Need To Do? box explains the results of the system check.
Step 2 To continue with the reinstallation process, select Install Product in the Options box. To proceed to the next panel, click Next.
Result: The Policy Database panel appears.
Step 3 To specify that you want to use the Policy Database data currently used by this Cisco Secure Policy Manager host, click Keep old Database, click Next, and skip to Step 6. Otherwise, continue with Step 4.
Step 4 To specify that you want to use a backed up database stored in the primary database on the Policy Server host, click Recover Database from backup folder.
|
Note When you recover a database from the backup folder, you access a backup stored on the primary host. If you have not created a backup of your current database, no backups will be present for you to select. |
Step 5 To specify the backup folder on the primary host that you want to use to recover/reinstall the system or feature set, type that folder name in the Backup Folder box. To proceed to the next panel, click Next.
Step 6 To verify the settings that you chose before copying files, use the scroll bar on the right side of the window. Review all settings carefully before clicking Copy Files.
Step 7 To complete the reinstallation, click Finish.
Result: The system or feature set on the local host is reinstalled.
To reinstall using Installation Manager, perform the following task:
Result: The Connect to Policy Database dialog box appears.
Step 2 To submit the proper administrative account information, type the username and password in the respective boxes in the Connect to Policy Database dialog box. If you are logged on to the Policy Server, select Local; otherwise, select Remote Server, and then type the IP address or DNS name in the box (you do not have to specify the port number unless it is different from the default 2567). Then, click Connect.
Result: Installation Manager connects to the Primary Policy Database (either locally or remotely, depending on what you specified) and retrieves data about all secondary servers with installed feature sets. Then, the Remote Hosts panel appears.
Step 3 To designate which feature set to reinstall, select the name of the secondary server on which it is installed in the Name box under Include these hosts. Then, click Next.
Result: A dialog box displays a message asking if you really want to reinstall the specified feature set. After you click Yes, the Open dialog box appears.
Step 4 To specify the setup.exe file that contains the version of Cisco Secure Policy Manager identical to the one currently installed on the host, select that file in the Open dialog box, and then click Open.
You must select the setup.exe file in the root directory on the Cisco Secure Policy Manager CD-ROM disc. If you downloaded the zip file, the setup.exe file is located in the directory where you extracted the zip file.
Result: The reinstallation process begins. The % column indicates the completion rate for the reinstallation process.
At any time, you can uninstall any secondary host or the entire Cisco Secure Policy Manager product. To uninstall a single secondary host, you only need to uninstall the product on that host. If you need to remove the entire product and you have a distributed system, you must uninstall the Policy Server last. Remember that you must use the local maintenance method for uninstalling the Policy Server, but you can use either method for the other distributed feature sets.
|
Note You can uninstall a secondary host at anytime and later install that secondary host again without having to uninstall/reinstall the entire product. |
To uninstall using the local maintenance method, perform the following task:
Result: The shortcut menu for the Cisco Secure Policy Manager program group appears.
Step 2 Click Remove Cisco Secure Policy Manager on the displayed program group.
Result: A dialog box prompts you to confirm the uninstallation before all files, directories, and Registry entries are removed from the local host.
You must reboot to complete the uninstallation.
To uninstall using Installation Manager, perform the following task:
Result: The Connect to Policy Database dialog box appears.
Step 2 To submit the proper administrative account information, type the username and password in the respective boxes in the Connect to Policy Database dialog box. If you are logged on to the Policy Server, select Local; otherwise, select Remote Server, and then type the IP address or DNS name in the box (you do not have to specify the port number unless it is different from the default 2567). Then, click Connect.
Result: Installation Manager connects to the primary database on the Policy Server host (either locally or remotely, depending on what you specified) and retrieves data about all secondary hosts with installed feature sets. Then, the Remote Hosts panel appears.
Step 3 To designate which feature set to uninstall, select the name of the secondary host on which it is installed in the Name box under Include these hosts. Then, click Next.
Result: A dialog box displays a message asking if you really want to uninstall the specified feature set. After clicking Yes, the uninstallation process begins. The % column indicates the completion rate for the uninstallation process.
The secondary host will automatically reboot to complete the uninstallation.
Posted: Thu May 25 12:51:34 PDT 2000
Copyright 1989 - 2000©Cisco Systems Inc.