|
|
When you have decided on the type of system to install, completed the appropriate worksheets, and prepared the target host(s) for installation, you are then ready to start the Cisco Secure Policy Manager setup program. The setup program guides you through the installation process step-by-step, prompting you to select what system to install and to submit necessary configuration information. We strongly recommend that you exit all other applications before you start the setup program. We also recommend that you use a special Windows NT account with administrative privileges to log on to the target host(s).
Locate and follow the installation procedures in this chapter for the type of system you want to install. This section includes the following topics:
Before you begin installing a standalone Cisco Secure Policy Manager system, you should verify that you have the following items:
To install a standalone Cisco Secure Policy Manager system, perform the following task:
Result: The Autostart panel appears.
Step 2 To begin setup, select Install Product in the Options box, and then click Next.
Result: The License Agreement panel appears.
Step 3 To review all conditions of the license agreement, use the scroll bar on the right side of the window. To accept the license agreement and continue with the installation process, select I accept the agreement. To proceed to the next panel, click Next.
 |
Note You cannot proceed with the setup program and install Cisco Secure Policy Manager unless you accept the license agreement. |
Result: The License Disk panel appears.
Step 4 To specify the location of the Cisco Secure Policy Manager license disk, type the directory path in the Location box, or click Browse to find the correct path. Then, type the corresponding password in the Password box. To proceed to the next panel, click Next.
|
Note By default, the setup program accesses the floppy drive (A:) when searching for the license.dsk file. The unique password is printed on the license disk label. However, if you downloaded the software from CCO, the password is located in a readme file in the downloaded directory. |
Result: The Installation Options panel appears.
Step 5 To select the type of system to install, click Standalone CSPM.
Result: A brief text description of the standalone system appears in the Installation Option box.
Step 6 To specify where to install Cisco Secure Policy Manager, type the directory path to the installation folder in the Installation Folder box, or click Browse to find the correct path. To proceed to the next panel, click Next.
Result: The Account Information panel appears.
Step 7 To submit the corresponding password for the Windows NT username detected by the setup program, type the password in the Password box. Also, to confirm the password, retype it in the Confirm Password box. To proceed to the next panel, click Next.
 |
Caution The setup program detects the Windows NT username that you used to log on to the target host and expects you to submit the corresponding password. However, the setup program will create a default Cisco Secure Policy Manager account using the password you type and confirm, even if you type the wrong password or type the password incorrectly. The installation process will continue, but the Cisco Controlled Host Component will fail to start because the username and password for the default Cisco Secure Policy Manager account do not match the Windows NT username and password. You will not be able to log on to Cisco Secure Policy Manager. See "Logging on to Cisco Secure Policy Manager" in "Working with Cisco Secure Policy Manager," for more details. |
Result: The Settings panel appears.
Step 8 You must select one of the IP addresses configured on the target host for all inbound and outbound Cisco Secure Policy Manager communications. The setup program automatically detects all IP addresses on the target host. To designate an IP address, select one by clicking it in the Local IP Address list.
Step 9 You must ensure that the policy database listens on the proper port for communication requests. The IANA-assigned port number for database communications is 2567. To change the port number, double-click the existing one in the Primary Policy Database box, and then type the desired unused port number.
Step 10 To export the database key, click Export this key, and then type the directory path in the File Destination box to the location where you want to store the key. To proceed to the next panel, click Next.
Result: The database key is written to the location that you specified before the Verify Install Settings panel appears.
Step 11 To copy all files to your disk, verify the settings that you chose, and then click Copy Files.
|
Note If you find an incorrect setting, click Back until you arrive at the proper panel. Make the necessary changes, and then click Next to return to the Verify Install Settings panel. |
Result: The setup program copies all files to the specified installation folder and creates the necessary Registry keys. Then, the Setup is complete panel appears.
Step 12 To close the setup program, click Finish.
Result: The setup program completes and the window closes.
You have successfully installed a standalone Cisco Secure Policy Manager system. For logon instructions, see "Logging on to Cisco Secure Policy Manager" in "Working with Cisco Secure Policy Manager." Once you have logged on to the GUI client, you have the option of viewing the Getting Started videos for general guidance on using Cisco Secure Policy Manager.
Installation of a client-server Cisco Secure Policy Manager system is divided into two distinct, order-dependent installations. Installation of the Policy Server feature set, covered in Step 1 through Step 13, is a one-time installation on the primary host. Once the Policy Server feature set is installed, the Policy Administrator feature set can be installed on as many additional hosts as desired for remote administration. Procedures for installing the Policy Administrator feature set are covered in Step 14 through Step 24.
Before you begin installing the Policy Server feature set for a client-server Cisco Secure Policy Manager system, you should verify that you have the following items:
To install a client-server Cisco Secure Policy Manager system, perform the following task:
Result: The Autostart panel appears.
Step 2 To begin setup, select Install Product in the Options box, and then click Next.
Result: The License Agreement panel appears.
Step 3 To review all conditions of the license agreement, use the scroll bar on the right side of the window. To accept the license agreement and continue with the installation process, select I accept the agreement. To proceed to the next panel, click Next.
Result: The License Disk panel appears.
Step 4 To specify the location of the Cisco Secure Policy Manager license disk type the directory path in the Location box, or click Browse to find the correct path. Then, type the corresponding password in the Password box. To proceed to the next panel, click Next.
|
Note By default, the setup program accesses the floppy drive (A:) when searching for the license.dsk file. The unique password is printed on the license disk label. However, if you downloaded the software from CCO, the password is located in a readme file in the downloaded directory. |
Result: The Installation Options panel appears.
Step 5 To select the type of system to install, click Client-Server CSPM.
Result: A brief text description of the client-server system appears in the Installation Option box.
Step 6 To specify the feature set to install, click Policy Server in the Feature Set list.
Step 7 To specify where to install the Policy Server feature set, type the directory path to the installation folder in the Installation Folder box, or click Browse to find the correct path. To proceed to the next panel, click Next.
Result: The Account Information panel appears.
Step 8 To submit the corresponding password for the Windows NT username detected by the setup program, type the password in the Password box. Also, to confirm the password, retype it in the Confirm Password box. To proceed to the next panel, click Next.
|
Caution The setup program detects the Windows NT username that you used to log on to the target host and expects you to submit the corresponding password. However, the setup program will create a default Cisco Secure Policy Manager account using the password you type and confirm, even if you type the wrong password or type the password incorrectly. The installation process will continue, but the Cisco Controlled Host Component will fail to start because the username and password for the default Cisco Secure Policy Manager account do not match the Windows NT username and password. You will not be able to log on to Cisco Secure Policy Manager. See "Logging on to Cisco Secure Policy Manager" in "Working with Cisco Secure Policy Manager," for more details. |
Result: The Settings panel appears.
Step 9 You must select one of the IP addresses configured on the target host for all inbound and outbound Cisco Secure Policy Manager communications. The setup program automatically detects all IP addresses on the target host. To designate an IP address, select one by clicking it in the Local IP Address list.
Step 10 You must ensure that the policy database listens on the proper port for communication requests. The IANA-assigned port number for database communications is 2567. To change the port number, double-click the existing one in the Primary Policy Database box, and then type the desired unused port number.
Step 11 To export the database key, click Export this key, and then type the directory path in the File Destination box to the location where you want to store the key. To proceed to the next panel, click Next.
Result: The database key is written to the location that you specified before the Verify Install Settings panel appears.
Step 12 To copy all files to your disk, verify the settings that you chose, and then click Copy Files.
|
Note If you find an incorrect setting, click Back until you arrive at the proper panel. Make the necessary changes, and then click Next to return to the Verify Install Settings panel. |
Result: The setup program copies all files to the specified installation folder and creates the necessary Registry keys. Then, the Setup is complete panel appears.
Step 13 To close the setup program, click Finish.
Result: The setup program completes and the window closes.
You have successfully installed the Policy Server feature set for a client-server Cisco Secure Policy Manager system. You must now install the Policy Administrator feature set on the client(s). Follow Step 14 through Step 24 for each host you want to use as a client for remote administration.
Before you begin installation of the Policy Administrator feature set for remote administration of a client-server Cisco Secure Policy Manager system, you should verify that you have the following items:
Step 14 To initiate the Autostart sequence, insert the Cisco Secure Policy Manager CD-ROM disc into the drive on the host that will serve as a client for remote administration.
Result: The Autostart panel appears.
Step 15 To begin setup, select Install Product in the Options box, and then click Next.
Result: The License Agreement panel appears.
Step 16 To review all conditions of the license agreement, use the scroll bar on the right side of the window. To accept the license agreement and continue with the installation process, select I accept the agreement. To proceed to the next panel, click Next.
Result: The License Disk panel appears.
Step 17 To specify the location of the Cisco Secure Policy Manager license disk, type the directory path in the Location box, or click Browse to find the correct path. Then, type the corresponding password in the Password box. To proceed to the next panel, click Next.
|
Note By default, the setup program accesses the floppy drive (A:) when searching for the license.dsk file. The unique password is printed on the license disk label. However, if you downloaded the software from CCO, the password is located in a readme file in the downloaded directory. |
Result: The Installation Options panel appears.
Step 18 To select the type of system to install, click Client-Server CSPM.
Result: A brief text description of the client-server system appears in the Installation Option box.
Step 19 To specify the feature set to install, click Policy Administrator in the Feature Set list.
Step 20 To specify where to install the Policy Administrator feature set, type the directory path to the installation folder in the Installation Folder box, or click Browse to find the correct path. To proceed to the next panel, click Next.
|
Note Review the Space Required and Space Available fields to ensure that the drive specified in the directory path has enough free space for the installation that you selected. If it does not, you must select another hard drive on which to install, or you must exit the setup program and free up enough hard drive space. |
Result: The Key Location panel appears.
Step 21 To specify the location of the Policy Database key, type the directory path to the key in the Primary Policy Database Key box, or click Browse to locate the path.
Result: The Account Information panel appears.
Step 22 To submit the corresponding password for the Windows NT username detected by the setup program, type the password in the Password box. Also, to confirm the password, retype it in the Confirm Password box. To proceed to the next panel, click Next.
Result: The Verify Install Settings panel appears.
Step 23 To copy all files to your disk, verify the settings that you chose, and then click Copy Files.
|
Note If you find an incorrect setting, click Back until you arrive at the proper panel. Make the necessary changes, and then click Next to return to the Verify Install Settings panel. |
Result: The setup program copies all files to the specified installation folder and creates the necessary Registry keys. Then, the Setup is complete panel appears.
Step 24 To close the setup program, click Finish.
Result: The setup program completes and the window closes.
 |
Tips Repeat Steps 14 through 24 to install the Policy Administrator feature set on any additional hosts you want to serve as client(s) for remote administration. |
You have successfully installed a client-server Cisco Secure Policy Manager system. For logon instructions, see "Logging on to Cisco Secure Policy Manager" in "Working with Cisco Secure Policy Manager." Once you have logged on to the GUI client, you have the option of viewing the Getting Started videos for general guidance on using Cisco Secure Policy Manager.
Before you begin installing the Policy Server feature set for a distributed Cisco Secure Policy Manager system, you should verify that you have the following items:
To install a distributed Cisco Secure Policy Manager system, perform the following task:
Result: The Autostart panel appears.
Step 2 To begin setup, select Install Product in the Options box, and then click Next.
Result: The License Agreement panel appears.
Step 3 To review all conditions of the license agreement, use the scroll bar on the right side of the window. To accept the license agreement and continue with the installation process, select I accept the agreement. To proceed to the next panel, click Next.
Result: The License Disk panel appears.
Step 4 To specify the location of the Cisco Secure Policy Manager license disk, type the directory path in the Location box, or click Browse to find the correct path. Then, type the corresponding password in the Password box. To proceed to the next panel, click Next.
|
Note By default, the setup program accesses the floppy drive (A:) when searching for the license.dsk file. The unique password is printed on the license disk label. However, if you downloaded the software from CCO, the password is located in a readme file in the downloaded directory. |
Result: The Installation Options panel appears.
Step 5 To select the type of system to install, click Distributed CSPM.
Result: A brief text description of the distributed system appears in the Installation Option box.
Step 6 To specify the feature set to install, click Policy Server in the Feature Set list.
Step 7 To specify where to install the Policy Server feature set, type the directory path to the installation folder in the Installation Folder box, or click Browse to find the correct path. To proceed to the next panel, click Next.
|
Note Review the Space Required and Space Available fields to ensure that the drive specified in the directory path has enough free space for the installation that you selected. If it does not, you must select another hard drive on which to install, or you must exit the setup program and free up enough hard drive space. |
Result: The Account Information panel appears.
Step 8 To submit the corresponding password for the Windows NT username detected by the setup program, type the password in the Password box. Also, to confirm the password, retype it in the Confirm Password box. To proceed to the next panel, click Next.
|
Caution The setup program detects the Windows NT username that you used to log on to the target host and expects you to submit the corresponding password. However, the setup program will create a default Cisco Secure Policy Manager account using the password you type and confirm, even if you type the wrong password or type the password incorrectly. The installation process will continue, but the Cisco Controlled Host Component will fail to start because the username and password for the default Cisco Secure Policy Manager account do not match the Windows NT username and password. You will not be able to log on to Cisco Secure Policy Manager. See "Logging on to Cisco Secure Policy Manager" "Working with Cisco Secure Policy Manager," for more details. |
Result: The Settings panel appears.
Step 9 You must select one of the IP addresses configured on the target host for all inbound and outbound Cisco Secure Policy Manager communications. The setup program automatically detects all IP addresses on the target host. To designate an IP address, select one by clicking it in the Local IP Address list.
Step 10 You must ensure that the primary database listens on the proper port for communication requests. The IANA-assigned port number for database communications is 2567. To change the port number, double-click the existing one in the Primary Policy Database box, and then type the desired unused port number.
Step 11 To export the database key, click Export this key, and then type the directory path in the File Destination box to the location where you want to store the key. To proceed to the next panel, click Next.
|
Caution We do not recommend that you export this key to a network folder, especially one that is shared and readily accessible. Instead, we advise you to export the database key to a floppy disk that is stored in a secure place. Otherwise, you might compromise the security of your network. |
Result: The database key is written to the location that you specified before the Verify Install Settings panel appears.
Step 12 To copy all files to your disk, verify the settings that you chose, and then click Copy Files.
|
Note If you find an incorrect setting, click Back until you arrive at the proper panel. Make the necessary changes, and then click Next to return to the Verify Install Settings panel. |
Result: The setup program copies all files to the specified installation folder and creates the necessary Registry keys. Then, the Setup is complete panel appears.
Step 13 To close the setup program, click Finish.
Result: The setup program completes and the window closes.
You have successfully installed the Policy Server feature set for a distributed Cisco Secure Policy Manager system. You must now install the remaining feature sets. Complete Steps 14 through 26 for each Policy Proxy, Policy Monitor, and/or Policy Proxy-Monitor host in your distributed system. If you are installing the Policy Administrator feature set for remote administration, skip Steps 23 and 24.
Before you begin installing the remaining feature sets of a distributed Cisco Secure Policy Manager system, you should verify that you have the following items:
Step 14 To initiate the Autostart sequence, insert the Cisco Secure Policy Manager CD-ROM disc into the drive on the target host for the specific feature set you are installing.
Result: The Autostart panel appears.
Step 15 To begin setup, select Install Product in the Options box, and then click Next.
Result: The License Agreement panel appears.
Step 16 To review all conditions of the license agreement, use the scroll bar on the right side of the window. To accept the license agreement and continue with the installation process, select I accept the agreement. To proceed to the next panel, click Next.
Result: The License Disk panel appears.
Step 17 To specify the location of the Cisco Secure Policy Manager license disk, type the directory path in the Location box, or click Browse to find the correct path. Then, type the corresponding password in the Password box. To proceed to the next panel, click Next.
|
Note By default, the setup program accesses the floppy drive (A:) when searching for the license.dsk file. The unique password is printed on the license disk label. However, if you downloaded the software from CCO, the password is located in a readme file in the downloaded directory. |
Result: The Installation Options panel appears.
Step 18 To select the type of system to install, click Distributed CSPM.
Result: A brief text description of the client-server system appears in the Installation Option box.
Step 19 To specify the feature set to install, click Policy Proxy, Policy Monitor, Policy Proxy-Monitor, or Policy Administrator in the Feature Set list.
Step 20 To specify where to install the feature set, type the directory path to the installation folder in the Installation Folder box, or click Browse to find the correct path. To proceed to the next panel, click Next.
|
Note Review the Space Required and Space Available fields to ensure that the drive specified in the directory path has enough free space for the installation that you selected. If it does not, you must select another hard drive on which to install, or you must exit the setup program and free up enough hard drive space. |
Result: The Key Location panel appears.
Step 21 To specify the location of the Policy Database key, type the directory path to the key in the Primary Policy Database Key box, or click Browse to locate the path.
Result: The Account Information panel appears.
Step 22 To submit the corresponding password for the Windows NT username detected by the setup program, type the password in the Password box. Also, to confirm the password, retype it in the Confirm Password box. To proceed to the next panel, click Next.
Result: The Settings panel appears.
Step 23 You must select one of the IP addresses configured on the target host for all inbound and outbound Cisco Secure Policy Manager communications. The setup program automatically detects all IP addresses on the target host. To designate an IP address, select one by clicking it in the Local IP Address list.
Step 24 You must ensure that the primary database listens on the proper port for communication requests. The IANA-assigned port number for database communications is 2567. To change the port number, double-click the existing one in the Primary Policy Database box, and then type the desired unused port number.
Result: The Verify Install Settings panel appears.
Step 25 To copy all files to your disk, verify the settings that you chose, and then click Copy Files.
|
Note If you find an incorrect setting, click Back until you arrive at the proper panel. Make the necessary changes, and then click Next to return to the Verify Install Settings panel. |
Result: The setup program copies all files to the specified installation folder and creates the necessary Registry keys. Then, the Setup is complete panel appears.
Step 26 To close the setup program, click Finish.
Result: The setup program completes and the window closes.
|
Tips Repeat Steps 14 through 26 to install the Policy Administrator, Policy Monitor, Policy Proxy, or Policy Proxy-Monitor feature sets on any additional hosts in your distributed Cisco Secure Policy Manager system. |
You have successfully installed a distributed Cisco Secure Policy Manager system. For logon instructions, see "Logging on to Cisco Secure Policy Manager" in "Working with Cisco Secure Policy Manager." Once you have logged on to the GUI client, you have the option of viewing the Getting Started videos for general guidance on using Cisco Secure Policy Manager.
Posted: Thu May 25 12:56:16 PDT 2000
Copyright 1989 - 2000©Cisco Systems Inc.