|
|
Installation of a distributed Cisco Secure Policy Manager system is divided into distinct, order-dependent installations:
Before you begin installing the feature sets for a distributed Cisco Secure Policy Manager system, you should complete the Distributed System Preparation Checklist and verify that you have the following items:
| Task To see specific procedures for these tasks, refer to Appendix A. |
|---|---|
| Bootstrap Managed Devices Ensure that any supported devices you wish to manage have been installed on your network and that you can Telnet from the target host to the managed device. For information on how to bootstrap a managed device, refer to Preparing the Managed Device(s), in Appendix A. |
| Prepare Each Target Host Ensure that the target host for each feature set meets the minimum hardware requirements and runs Windows NT 4.0 (the Policy Administrator host can run Windows NT, 95, or 98). The following settings are also required:
Review and implement any recommend settings for the target hosts, including the following:
For procedures on implementing these settings, refer to Preparing the Target Host(s), in Appendix A. |
| Create a Windows NT Account for Installation Create a special Windows NT account with administrative privileges. For procedures on how to create an account, refer to Creating a Windows NT Account for Installation, in Appendix A. |
| Install Requisite Software Ensure that each target host has the requisite software installed, including the following:
For more information on requisite software, refer to Software Requirements, in Chapter 1. |
| Install Optional Software Decide whether or not you want to install Cisco Secure VPN Client on the Policy Server, Policy Proxy, or Policy Proxy-Monitor hosts. For procedures on installing this software, refer to Installing Cisco Secure VPN Client, in Appendix A. |
The following task outlines the procedures for installing a Policy Server feature set on the target host.
Result: The Autostart panel appears.
Step 2 To begin setup, select Install Product in the Options box, and then click Next.
Result: The License Agreement panel appears.
Step 3 To review all conditions of the license agreement, use the scroll bar on the right side of the window. To accept the license agreement and continue with the installation process, select I accept the agreement. To proceed to the next panel, click Next.
Result: The License Disk panel appears.
Step 4 To specify the location of the Cisco Secure Policy Manager license disk, type the directory path in the Location box, or click Browse to find the correct path. Then, type the corresponding password in the Password box. To proceed to the next panel, click Next.
 |
Note By default, the setup program accesses the floppy drive (A:) when searching for the license.dsk file. The unique password is printed on the license disk label. However, if you downloaded the software from CCO, the password is located in a readme file in the downloaded directory. |
Result: The Installation Options panel appears.
Step 5 To select the type of system to install, click Distributed CSPM.
Result: A brief text description of the distributed system appears in the Installation Option box.
Step 6 To specify the feature set to install, click Policy Server in the Feature Set list.
Step 7 To specify where to install the Policy Server feature set, type the directory path to the installation folder in the Installation Folder box, or click Browse to find the correct path. To proceed to the next panel, click Next.
Result: The Account Information panel appears.
Step 8 To submit the corresponding password for the Windows NT username detected by the setup program, type the password in the Password box. Also, to confirm the password, retype it in the Confirm Password box. To proceed to the next panel, click Next.
Result: The Settings panel appears.
Step 9 You must select one of the IP addresses configured on the target host for all inbound and outbound Cisco Secure Policy Manager communications. To designate an IP address, select one by clicking it in the Local IP Address list.
Step 10 You must ensure that the Policy Database listens on the proper port for communication requests. The IANA-assigned port number for database communications is 2567. To change the port number, double-click the existing one in the Primary Policy Database box, and then type the desired unused port number.
Step 11 To export the database key, click Export this key, and then type the directory path in the File Destination box to the location where you want to store the key. To proceed to the next panel, click Next.
 |
Caution We do not recommend that you export this key to a network folder, especially one that is shared and readily accessible. Instead, we advise you to export the database key to a floppy disk that is stored in a secure place. Otherwise, you might compromise the security of your network. |
Result: The database key is written to the location that you specified and the Verify Install Settings panel appears.
Step 12 To copy all files to your disk, verify the settings that you chose, and then click Copy Files.
|
Note If you find an incorrect setting, click Back until you arrive at the proper panel. Make the necessary changes, and then click Next to return to the Verify Install Settings panel. |
Result: The TechSmith Screen Capture Codec Installation panel appears.
Step 13 To install the compression software (TSCC) required for viewing the tutorial videos, click Install on the TechSmith Screen Capture Codec Installation panel.
Result: The setup program copies all files to the specified installation folder and creates the necessary Registry keys. Then, the Setup is complete panel appears.
Step 14 To close the setup program, click Finish.
Result: The setup program completes and the window closes.
You have successfully installed the Policy Server feature set for a distributed Policy Manager system. You must now install the remaining feature sets. Follow the steps listed in Installing the Policy Proxy, Policy Monitor, and Policy Administrator Feature Sets for the remaining hosts in your distributed system. If you are installing the Policy Administrator feature set for remote administration, skip Steps 10 and 11.
Before you begin installing the remaining feature sets of a distributed Cisco Secure Policy Manager system, you should verify that you have the following items:
To continue installation of a distributed Cisco Secure Policy Manager system, perform the following task on each target host for the remaining feature sets:
Result: The Autostart panel appears.
Step 2 To begin setup, select Install Product in the Options box, and then click Next.
Result: The License Agreement panel appears.
Step 3 To review all conditions of the license agreement, use the scroll bar on the right side of the window. To accept the license agreement and continue with the installation process, select I accept the agreement. To proceed to the next panel, click Next.
Result: The License Disk panel appears.
Step 4 To specify the location of the Cisco Secure Policy Manager license disk, type the directory path in the Location box, or click Browse to find the correct path. Then, type the corresponding password in the Password box. To proceed to the next panel, click Next.
|
Note By default, the setup program accesses the floppy drive (A:) when searching for the license.dsk file. The unique password is printed on the license disk label. However, if you downloaded the software from CCO, the password is located in a readme file in the downloaded directory. |
Result: The Installation Options panel appears.
Step 5 To select the type of system to install, click Distributed CSPM.
Result: A brief text description of the client-server system appears in the Installation Option box.
Step 6 To specify the feature set to install, click Policy Proxy, Policy Monitor, Policy Proxy-Monitor, or Policy Administrator in the Feature Set list.
Step 7 To specify where to install the feature set, type the directory path to the installation folder in the Installation Folder box, or click Browse to find the correct path. To proceed to the next panel, click Next.
Result: The Key Location panel appears.
Step 8 To specify the location of the Policy Database key, type the directory path to the key in the Primary Policy Database Key box, or click Browse to locate the path.
Result: The Account Information panel appears.
Step 9 To submit the corresponding password for the Windows NT username detected by the setup program, type the password in the Password box. Also, to confirm the password, retype it in the Confirm Password box. To proceed to the next panel, click Next.
Result: The Settings panel appears.
Step 10 You must select one of the IP addresses configured on the target host for all inbound and outbound Cisco Secure Policy Manager communications. To designate an IP address, select one by clicking it in the Local IP Address list.
Step 11 You must ensure that the Policy Database listens on the proper port for communication requests. The IANA-assigned port number for database communications is 2567. To change the port number, double-click the existing one in the Primary Policy Database box, and then type the desired unused port number.
Result: The database key is written to the location that you specified and the Verify Install Settings panel appears.
Step 12 To copy all files to your disk, verify the settings that you chose, and then click Copy Files.
|
Note If you find an incorrect setting, click Back until you arrive at the proper panel. Make the necessary changes, and then click Next to return to the Verify Install Settings panel. |
Result: The TechSmith Screen Capture Codec Installation panel appears.
Step 13 To install the compression software (TSCC) required for viewing the tutorial videos, click Install on the TechSmith Screen Capture Codec Installation panel.
Result: The setup program copies all files to the specified installation folder. Then, the Setup is complete panel appears.
Step 14 To close the setup program, click Finish.
Result: The setup program completes and the window closes.
 |
Tips Repeat Steps 1 through 14 in this section to install the Policy Administrator, Policy Monitor, Policy Proxy, or Policy Proxy-Monitor feature sets on any additional hosts in your distributed Cisco Secure Policy Manager system. |
You have successfully installed a distributed Cisco Secure Policy Manager system. For logon instructions, see the "Logging on to Cisco Secure Policy Manager" section. After you have logged on to the GUI client, you have the option of viewing the Getting Started videos for general guidance on using Cisco Secure Policy Manager.
Posted: Tue Jun 20 13:59:58 PDT 2000
Copyright 1989 - 2000©Cisco Systems Inc.
