|
|
The GUI client provides the primary interface for policy definition, enforcement, and auditing for your Cisco Secure Policy Manager system. As such, it provides an important link between you and the Policy Database. Resetting and restoring the GUI client are crucial operations in maintaining your Cisco Secure Policy Manager system.
In this chapter you will find the following topics, with accompanying procedures:
The Reset command refreshes the GUI client to reflect the initial default state of the Primary Policy Database at the time you installed Cisco Secure Policy Manager. This state does not include any changes that you made following the Setup program. The Reset command will discard all configuration changes that you have made and should only be used as a last resort to solving severe technical problems. Consider the resulting state of the Policy Database to be the same as its state immediately following installation.
 |
Warning After you perform a Reset operation, you must review the list of network objects in the General panel associated with the Network Topology tree and either re-install each network object or remove it. The GUI client maintains references to all network objects that are separate from the Policy Database references. These references can cause the incorrect command sets to be generated and distributed to the Policy Enforcement Points defined under the Network Topology tree. By re-installing or removing these network objects from the Network Topology General panel, you ensure that the incorrect commands are not generated for your Policy Enforcement Points. |
 |
Caution When you use Reset, you will lose all information related to network topology, customized network services, policy abstracts, and all administrator accounts that you have added. Use the Reset command only as a last resort to solving severe technical problems. |
The Reset command refreshes the GUI client to reflect the initial default state of the Primary Policy Database immediately following installation. When you installed Cisco Secure Policy Manager, it created an initial default state for the Policy Database. This initial default state contains only minimal configuration settings, which you specified during installation. The following are also included in the default state:
No information is included about your network topology, applied security policies, or any administrator accounts that you added since you installed Cisco Secure Policy Manager.
When you click Reset on the File menu, the GUI client portion of the Policy Database is reset to the initial defaults. You will lose the following:
The Reset command will be particularly useful to you when you are first building network topologies and policies. You will be able to experiment with different configurations under different scenarios before saving any changes to the Primary Policy Database. You can also use the Reset command in the case of severe technical problems, such as network policy configurations that allow security breaches of your network. However, in this instance, you should use the Reset command only as a last resort and with extreme caution. In either case, the Reset command enables you to configure your network policy from the beginning without reinstalling Cisco Secure Policy Manager.
 |
Note Any changes that you have made to Configure Logging and Notifications settings and Scheduled reports (Defined Reports) are not affected by the Reset operation. The current settings will remain intact. |
|
Note You can effectively cancel the Reset operation and return to the state of the Primary Policy Database as of the last Save or Save and Update operation, whichever is more recent of the two. To do so, click Restore on the File menu immediately following the Reset operation. Another way to cancel the Reset operation is to exit the GUI client immediately following the Reset operation without saving the updated data. The next time you start the GUI client, the state of the Primary Policy Database as of the last Save or Save and Update will be reflected in the GUI client. |
|
Warning After you perform a Reset operation, you must review the list of network objects in the General panel associated with the Network Topology tree and either re-install each network object or remove it. The GUI client maintains references to all network objects that are separate from the Policy Database references. These references can cause the incorrect command sets to be generated and distributed to the Policy Enforcement Points defined under the Network Topology tree. By re-installing or removing these network objects from the General panel, you ensure that the incorrect commands are not generated for your Policy Enforcement Points. |
|
Caution When you use the Reset command, you will lose all information related to network topology, customized network services, policy abstracts, and all administrator accounts that you have added. Use the Reset command with extreme caution and only as a last resort to solving severe technical problems. |
To reset the GUI client to the initial default state (the state it was in immediately following installation), perform the following task:
Result: A Cisco Secure Policy Manager dialog box displays a message informing you that the Reset command will reset the GUI client portion of the Policy Database to its initial state.
Step 2 To accept that all network topology, customized network services and policy abstracts, and any administrator accounts that have been added will be lost and to continue with the Reset command, click OK in the Cisco Secure Policy Manager dialog box.
Result: A dialog box informs you that a default administrative account for the GUI client has been created on the basis of the administrator who is currently logged on.
Step 3 To accept that a default administrative account for the GUI client has been created, click OK in the Cisco Secure Policy Manager dialog box.
Result: All customized configuration settings and accounts are deleted. The GUI client reflects the initial default state of the Primary Policy Database.
|
Caution Use extreme caution when deciding to save configuration settings following a Reset operation. If you click Save, you will lose all information related to network topology, customized network services, policy abstracts, and all administrator accounts that you have added. |
Step 4 To save default configuration settings, click Save on the File menu.
|
Note If you did not click Save immediately following the Reset operation, you can effectively cancel the Reset operation and return to the state of the Primary Policy Database as of the last Save or Save and Update operation, whichever is more recent of the two. To do so, click Restore on the File menu immediately following the Reset operation. Another way to cancel the Reset operation is to exit the GUI client immediately following the Reset operation without saving the updated data. The next time you start the GUI client, the state of the Primary Policy Database as of the last Save or Save and Update will be reflected in the GUI client. |
|
Warning After you perform a Reset operation, you must review the list of network objects in the General panel associated with the Network Topology tree and either re-install each network object or remove it. The GUI client maintains references to all network objects that are separate from the Policy Database references. These references can cause the incorrect command sets to be generated and distributed to the Policy Enforcement Points defined under the Network Topology tree. By re-installing or removing these network objects from the General panel, you ensure that the incorrect commands are not generated for your Policy Enforcement Points. |
After you perform a Reset operation, you must manually remove from the Available Network Objects list any network objects that were previously defined under the Network Topology tree and that you do not intend to reinstall.
|
Warning After you perform a Reset operation, you must review the list of network object references in the General panel associated with the Network Topology tree and either reinstall each network object or remove it. The GUI client maintains references to all network objects that are separate from the references used by the other agents within the Cisco Secure Policy Manager system. These references can cause incorrect command sets to be generated and distributed to the Policy Enforcement Points defined under the Network Topology tree. By reinstalling or removing these network objects from the General panel, you ensure that incorrect commands are not generated for your Policy Enforcement Points. |
To remove unused network objects, perform the following task:
Result: The General panel of the Network Topology node appears in the View pane.
Step 2 To select a network object that you want to remove, click that network object name in the Available Network Objects list.
Step 3 To remove the selected network object, click Remove.
Step 4 For each network object that you want to remove, repeat Steps 2 and 3.
Step 5 To close the General panel, click OK.
Step 6 To save any changes that you have made, click Save on the File menu.
The Restore command on the File menu discards any changes you have made during the current work session and refreshes the GUI client to reflect the state of the Primary Policy Database as of the last Save or Save and Update operation, whichever is more recent of the two. All changes made since the last Save or Save and Update operation will be lost.
The Restore command deletes any changes you have made during the current work session and refreshes the GUI client to reflect the state of the Primary Policy Database as of the last Save or Save and Update operation, whichever is more recent of the two. All changes made since the last Save or Save and Update operation will be lost.
Use Restore, for example, when you have made a series of edits under an invalid assumption about your network. Rather than having to go back and individually undo each edit, you can click Restore on the File menu to return to the last saved configurations that you made using the GUI client.
Also, for administrators who are operating in read-only mode, Restore refreshes the GUI client to reflect any changes to the Primary Policy Database that may have been made and saved in the interim by an administrator with full access privileges.
|
Note Following a Reset operation, the Restore command will refresh the GUI client with a view of previously saved settings. |
|
Note Use Restore, for example, when you have made a series of edits under an invalid assumption about your network. Restore will return you to the last saved configurations in network policy. Also, following a Reset operation, the Restore command will refresh the GUI client with a view of previously saved settings. |
To restore the GUI client to reflect previously saved configurations, perform the following task:
Result: A dialog box warns you that the Restore command will erase all current changes that you have made using the GUI client and refresh the view with the state of the Primary Policy Database as of the last Save or Save and Update operation.
Step 2 To accept that current changes will be lost and to continue with the Restore command, click OK in the Cisco Secure Policy Manager dialog box.
Result: Current changes are deleted and the previously saved state of the Primary Policy Database is reflected in the GUI client.
Posted: Thu May 25 13:50:36 PDT 2000
Copyright 1989 - 2000©Cisco Systems Inc.