Table Of Contents
Managing Devices
About Device Types
About the Device List Window
Using the Device List Window
Adding a Device
Adding Multiple Devices
Importing Device Certificates
Removing a Device or DCS Server
Viewing Device Details
Verifying Device Connectivity
Managing Groups
Searching for Devices
Configuring Devices
Copying Device Settings
Managing Antivirus Installations
Locating OfficeScan Servers
Accessing an OfficeScan Server
Managing Devices
This chapter explains how to manage network devices through the web console. It contains the following sections:
•
About Device Types
• About the Device List Window
• Managing Antivirus Installations
About Device Types
Cisco ICS can manage switches, routers, IPS appliances and Cisco IOS IPS devices. For a more detailed list of supported device types and models, see Minimum System Requirements, page 1-6.
Table 4-1 contains important information about each type of device.
Table 4-1 Device Types
Device Type
|
Description
|
Account Credential
|
OPACL Deployment
|
OPSig Deployment
|
OPACL Mode
|
Switches
|
Standard Cisco switches
|
Level 15 or root view
|
To physical interfaces (inbound traffic only)
To VLANs (inbound and outbound traffic)
|
No
|
Blocking
|
Routers
|
Standard Cisco routers
|
Level 15 or root view
|
To interfaces (inbound and outbound traffic)
|
No
|
Blocking
|
IPS devices
|
An IPS device is the combination of the following:
•Cisco 4200 Series Intrusion Prevention System Sensors (IPS-4200)
•Intrusion Detection System Service Modules (IDSM2)
•Cisco ASA-5500 Series Adaptive Security Appliances with Advanced Inspection and Prevention modules (ASA-5500-AIP)
|
Admin
|
To interfaces (inbound and outbound traffic)
|
Yes
|
Blocking and Logging
|
Cisco IOS IPS devices
|
Any router with an Cisco IOS IPS image
|
Admin
|
To interfaces (inbound and outbound traffic)
|
Yes
|
Blocking and Logging
|
In addition to routers, switches, IPS appliances, and Cisco IOS IPS devices, you can also add a Damage Cleanup Services server and a Trend Micro OfficeScan server to Cisco ICS. For more information, see Registering a DCS Server to a Cisco ICS Server, page A-2, and Managing Antivirus Installations.
You can add a device and an interface to more than one Cisco ICS server, but we do not recommend doing so. Use only one Cisco ICS server to manage each device.
For instructions on preparing a Cisco IOS IPS router to be used with Cisco ICS, see Appendix B, "Preparing Cisco IOS Routers."
About the Device List Window
This section describes the Device List window and how to use it. It contains the following topics:
• Using the Device List Window
• Adding a Device
• Adding Multiple Devices
• Importing Device Certificates
• Removing a Device or DCS Server
• Viewing Device Details
• Verifying Device Connectivity
• Managing Groups
• Searching for Devices
• Configuring Devices
• Copying Device Settings
• Accessing an OfficeScan Server
Using the Device List Window
Cisco ICS manages a variety switches, routers, and IPS devices to provide comprehensive virus outbreak protection. If a Damage Cleanup Services (DCS) server is installed on the network, Cisco ICS can also help clean up infected hosts if an outbreak has already occurred.
The Device List window displays the device list tree, a tool that provides centralized management of your network devices (see Using the Device List Tree, page 3-3). A menu, located at the top of the tree, lets you accomplish the following tasks:
•Add and remove devices
Before you can manage devices, you must add them to the device list tree, which registers devices to the Cisco ICS server. For details, see Adding a Device, and Removing a Device or DCS Server.
•Verify device connectivity
You can verify that the Cisco ICS server can successfully connect to and communicate with the devices registered to it. Cisco ICS generates an Event log entry every time you verify device connectivity. For more information, see Event Logs, page 10-5.
Note You cannot add DCS servers from the Cisco ICS web console until after you register the Cisco ICS server with a DCS server from the DCS web console. See your DCS documentation for details.
•Add groups
You can keep the device tree organized and arrange devices into groups. Group folders appear on the Directory pane.
•Move devices
You can move devices from one group folder to another by clicking the device and dragging it to the desired folder in the Directory pane.
•Search for devices
You can locate registered devices by searching according to device type, device name, IP address, connection status, or OPACL deployment status.
•Configure devices
You can configure interface and VLAN settings and modify the device communications settings, such as the logical name and IP address.
•Copy settings
If multiple devices require the same settings, you can configure one device and copy its settings to the others instead of configuring each device separately.
•Deploy components to IPS devices and DCS servers
You can manually deploy OPSig files to IPS devices and Damage Cleanup engines and pattern files to DCS servers.
Note By default, Cisco ICS deploys the components on the server immediately after download. To deploy the most up-to-date versions, download the latest components from the update source.
•Locate antivirus installations
If Trend Micro OfficeScan servers are installed on the network, you can log in to an OfficeScan server web console from the Cisco ICS web console. To locate antivirus installations, click AV Locator in the device tree menu.
Adding a Device
To add a device, follow these steps:
Step 1 Do one of the following:
•Choose Devices > Add Device.
•Click Device List and then click Add Device in the top menu of the device tree.
The Add Device window appears.
Step 2 Configure the following:
•Device Type—Select from the following:
–Cisco IPS device/Cisco IOS IPS device
For instructions on preparing a Cisco IOS IPS router to be used with Cisco ICS, see Appendix B, "Preparing Cisco IOS Routers."
–Cisco router
–Cisco switch
•License—Click ACL License or IPS License. You can add devices only if corresponding licenses are available. For more information, see About Device Licenses, page 9-9.
•Logical Name—Enter a name between 1 and 31 characters to identify the device. This name appears in the device tree. The following characters are not allowed: / \ [ ] " : ; | < > + = , ? ' * !
•IP Address—Enter the IP address of the device. Subnet mask information is not necessary.
•Communication—Select the protocol for Cisco ICS to use to communicate with the device: SSH or Telnet for switches and routers, HTTP or HTTPS for IPS devices.
•Port—Enter the port number through which to communicate with the device.
•Username, Password, and Password Confirmation—Enter the administrator account username and password and confirm the password to access the device. Spaces and the question mark character (?) are not allowed.
For routers and switches, enter level 15 or root view account credentials. For IPS and Cisco IOS IPS devices, enter administrator access account credentials.
•ACL Settings—If you are adding a switch, click the location to which Cisco ICS deploys the OPACL: Physical interface or VLAN. For routers and IPS devices, OPACLs are applied to physical interfaces only.
•Public Key Deployment Settings—If you are adding an IOS IPS device, specify the settings Cisco ICS will use to deploy the Trend Micro public key to the device. Use the default selections (SSH for connection and 22 for port) or change the settings.
Note If you select Telnet, the port number will automatically change to 23. If your IOS IPS devices will use a different port to establish connection, or if several IOS IPS devices will share the same IP address in a Network Address Translation (NAT) environment, enter a different port number after selecting SSH or Telnet.
Step 3 Click Save to save the settings and return to the Device List window.
If you are adding a router or switch, click Save & Configure to add the device, import the device certificate, and configure additional settings.
If you are adding an IPS or IOS IPS device, click Save & Verify to add the device, import the device certificate, and test that the network connection between Cisco ICS and the device is working properly.
Step 4 Verify that the device appears in the device list tree.
Note By default, the device appears in the main folder under the root icon. To move devices from one group folder to another, click the device and drag it to the desired folder in the Directory pane.
Adding Multiple Devices
If you want to add many devices concurrently, you can use a command line tool that is automatically included in the Cisco ICS program package. The following components are required:
•BatchAddDev.ini—The configuration file that the tool uses to access the Cisco ICS server.
•BatchAddDev.exe—The executable file that runs the tool.
•Device information file—A comma-delimited text file you create to list the details for all devices. The following are requirements for the device information file:
–An ASCII text-based file.
–One or more comma-delimited fields for each device entry.
–No spaces between fields.
–A carriage return after each entry.
–Comment lines that begin with a colon (:). For example,
: comment line
–The following format for each entry in the file:
<device_type>,<license_level>,<logical_name>,<IP_address>,<protocol>,<port>,
<username>,<password>,<importing_protocol>,<importing_port>,<acl_setting>,<interfa
ce_name_n>,<opacl_direction_n>,<pre_acl>
Table 4-2 describes each field.
Table 4-2 Device Information
Field
|
Description
|
<device_type>
|
•SWT—switch
•RTR—router
•IPS—IPS appliance or Cisco IOS IPS device
|
<license_level>
|
License type—1 for an ACL license or 2 for an IPS license. If the device type is IPS, Cisco ICS automatically sets the license level to 2.
|
<logical_name>
|
A name that identifies the device. This name appears in the device tree. The following characters are not allowed: / \ [ ] " : ; | < > + = , ? ' * !
|
<IP_address>
|
The IP address of the device. Subnet mask information is not necessary.
|
<protocol>
|
The protocol that Cisco ICS uses to communicate with the device:
•SSH or TELNET—For switches and routers
•HTTP or HTTPS—For IPS devices
|
<port>
|
The port number through which communication takes place.
|
<username>
|
The administrator account username required to access the device. If you are adding a switch or router, use the required username to access it through a virtual VTY connection. If the switch or router does not require a VTY password, leave this field blank.
|
<password>
|
The corresponding password for the username. If you are adding a switch or router, use the required password to access it through a VTY connection. If the switch or router does not require a VTY user name, leave this field blank.
|
<importing_protocol>
|
If the entry is an IOS IPS device, the protocol Cisco ICS uses to deploy the Trend Micro public key to the device:
•SSH or TELNET
If you do not specify a protocol, Cisco ICS uses SSH by default.
Leave this field blank if the entry is not an IOS IPS device.
|
<importing_port>
|
If the entry is an IOS IPS device, the port number Cisco ICS uses to deploy the Trend Micro public key to the device. If you do not specify a port number, Cisco ICS will use port 22 by default.
Leave this field blank if the entry is not an IOS IPS device.
|
<acl_setting>
|
•PHYS—Apply the OPACL to physical interfaces. Use this option for routers.
•VLAN—Apply the OPACL to VLANs.
Cisco ICS ignores this field if the device is an IPS appliance or a Cisco IOS IPS device.
|
<interface_name_n>
|
The same string output as in the show interface command. Add multiple interface names if necessary. Each interface name must be followed by the OPACL direction field (see the next command). Enter any number of field pairs, provided that they exist on the device.
|
<opacl_direction_n>
|
•IN—Apply OPACL rules to incoming traffic.
•OUT—Apply OPACL rules to outgoing traffic.
Each OPACL direction field follows an interface name (see the previous command). Enter any number of field pairs provided that they exist on the device.
|
<pre_acl>
|
An optional ACL that takes precedence over an OPACL and any other ACL that already exists on
a device. This field must contain a valid Cisco IOS syntax command or series of commands separated by semicolons.
|
Table 4-2 shows sample entries for each device:
Table 4-3 Sample Entries
Device Type
|
Sample Entry
|
Router or Switch
|
SWT,1,Switch_1,10.10.10.10,TELNET,23,UserName,Password,,,PHYS,Ethernet0,
IN,PreACL
|
IPS device
|
IPS,2,IPS_1,10.10.10.11,HTTP,80,UserName,Password
|
IOS IPS device
|
If the default import protocol and port are used:
IPS,2,IOSIPS_1,10.10.10.12,HTTP,80,UserName,Password
OR
IPS,2,IOSIPS_1,10.10.10.12,HTTP,80,UserName,Password,SSH,22
If the default import protocol and port are not used:
IPS,2,Device_C,200.1.1.2,HTTP,3002,UserName,Password,TELNET,3001
|
Note If you add multiple switches and routers that have different virtual terminal (VTY) connection username and password requirements, the tool might not add some devices. You should add devices that require a username and password in one batch and devices that do not require a username and password in another batch. Mixing the two types of devices can cause a CGI timeout or connection failure error message to appear.
To add multiple devices, follow these steps:
Step 1 Create a device information text file with an entry for each device you want to add.
Step 2 Open a command prompt on the computer hosting the Cisco ICS server.
Step 3 Go to the following directory:
C:\Program Files\Cisco Systems\CICS\ PCCSRV\Admin\Utility\BatchAddDev
Step 4 Configure the BatchAddDev.ini file:
a. Open the file in a text editor.
b. Modify the address and port values to your Cisco ICS server IP address and the port you use to connect to the web console.
c. If you are using HTTP to connect to the web console, modify the SSL_Enable value to 0. If you are using HTTPS, modify the value to 1.
Step 5 Enter the following command: BatchAddDev.exe {filename}, where {filename} is name of the device information text file you created. Cisco ICS parses the file and shows a result for each entry.
Step 6 Verify that the devices appear in the device list.
If Cisco ICS is unable to parse an entry, modify the entry in the text file and run the tool again.
Note If Cisco ICS cannot add an interface, it skips that interface but continues to add the other specified interfaces.
For a list of the error messages that might appear when you are using the tool and for potential solutions., see Multiple Device Addition Messages, page D-10.
Importing Device Certificates
By default, all network devices that Cisco ICS supports generate a digital certificate. Cisco ICS obtains certificate information from the devices when you add them to the device list, but you must import the certificates through the web console. If you do not import a device's certificate, the device appears offline in the device list and you cannot manage it. You can import a certificate at the time you are adding the device, or later from the Device Certificates window. For more information, see Managing Certificates, page 9-6.
Removing a Device or DCS Server
To remove a device or DCS server, follow these steps:
Step 1 Choose Devices > Device List.
Step 2 In the device list, select the items you want to remove. Use the Ctrl and Shift keys to make multiple selections.
Step 3 Click Remove.
Step 4 To remove a DCS server, click Unregister.
Note Removing a device or DCS server does not remove any Pre-ACLs, OPACLs, OPSigs, or DCS components already applied to devices. You can manually stop active tasks to remove applied OPACLs or leave OPACLs on the devices. They expire automatically at the configured OPACL end date (default is 2 hours for automatic tasks). You can also modify or remove OPACLs by connecting to the device directly.
Viewing Device Details
The Device List pane shows the following details about each device:
•Logical Name—The name of the entity (group name or device name).
•Type—The type of entity (folder or device type).
•Product Version—DCS server version number.
This appears only if Cisco ICS is registered with a DCS server and you click the AV Software folder.
•IP Address—The IP address of the device as configured for the device communication settings.
•Connection—Online or Offline.
•Version—The Cisco IOS image on a switch or router or the IPS image on an IPS appliance.
•OPACL Status—If the OPACL on the Cisco ICS server was deployed, a green check mark appears. If not, the field is empty.
•OPSig—If the OPSig on the Cisco ICS server was deployed, the version number appears. If not, the field is empty.
•DCT—Damage Cleanup template version number.
This appears only if Cisco ICS is registered with a DCS server and you click the AV Software folder.
•DCE—Damage Cleanup engine version number.
This appears only if Cisco ICS is registered with a DCS server and you click the AV Software folder.
•Spyware pattern—Spyware pattern version number.
This appears only if Cisco ICS is registered with a DCS server and you click the AV Software folder.
Verifying Device Connectivity
To test whether the Cisco ICS server can successfully communicate with registered devices, use the Device List window to verify the connection. Cisco ICS uses the device communications setting protocol you selected for the verification.
Cisco ICS generates an event log entry every time you verify device connectivity. For more information, see Event Logs, page 10-5.
You can also set a verify connection schedule. For more information, see Setting a Verify Connection Schedule, page 9-5.
To verify device connectivity, follow these steps:
Step 1 Click a device on the Device List window. To select multiple devices, click a group folder or click the root icon to select all devices registered to the server.
Step 2 Click Verify Connection.
A confirmation message appears.
Step 3 Click Refresh.
Step 4 Click OK.
Step 5 Under Connection in the Device List pane, verify that the status of the device is online. If the device is still offline after you verify the connection, for tips on resolving connection issues, see Device Configuration Troubleshooting Tips, page D-8.
Note The default verify connection timeout is 22 seconds. You cannot modify this value from the web console.
Managing Groups
To help keep the device tree organized, arrange devices into groups. Groups appear as folders in the device list tree. A maximum of three subgroup folders can exist in one hierarchy under a single group folder.
This section describes how to add and remove groups and contains the following topics:
• Adding a Group
• Removing a Group
Adding a Group
To add a group, follow these steps:
Step 1 Choose Devices > Device List.
Step 2 Click the main folder under the Cisco ICS root in the Directory pane.
Step 3 Click Add Group.
The Add Group window appears.
Step 4 Enter a name for the group up to 31 characters. The following characters are not allowed:
/ \ [ ] " : ; | < > + = , ? ' * !
Step 5 Click Save.
The group appears in the device tree.
Removing a Group
To remove a group, follow these steps:
Step 1 Choose Devices > Device List.
Step 2 Click the group folder in the Device List pane (not the Directory pane).
Step 3 Click Remove.
The group no longer appears in the device tree.
Searching for Devices
Cisco ICS provides the option of searching for the following devices and products in the device tree:
•Cisco IPS device
•Cisco router
•Cisco switch
•Trend Micro OfficeScan server
•Trend Micro Damage Cleanup Services server (if Cisco ICS registers with a DCS server)
To search for devices in the device tree, follow these steps:
Step 1 Choose Devices > Device List.
Step 2 Click Search on the Device List window.
The Search window appears.
Step 3 Check the check boxes next to the criteria that define the search:
•Product type—Select the device or product from the list.
•Logical name—Enter the name of the device or product. The name is case-sensitive and must match exactly.
•IP—Click either IP range or IP address and enter the range or the specific IP address and the corresponding mask. Cisco ICS uses the exact value of the IP address bits that correspond to the 1 bits in the mask. For example, if you use the IP address 10.10.10.10 with the mask 255.255.0.0, Cisco ICS searches for IP addresses 10.10.0.0 to 10.10.255.255.
•Connection—Click Online or Offline.
•OPACL—Click Deployed or Disabled.
Step 4 Click Search. The results appear in the device tree.
Step 5 Click Search Result to see the items that match the criteria.
Configuring Devices
The following section explains how to configure switches, routers, and IPS devices already registered to Cisco ICS. It contains the following topics:
• Configuring Switches
• Configuring Routers
Configuring Switches
You configure physical interface or VLAN settings after you add a switch and configure communication settings. If changes occur to switch settings, such as the IP address or authentication credentials, modify the communications settings again.
This section describes how to configure interface and VLAN settings and contains the following topics:
• Configuring Interface Settings
• Configuring VLAN Settings
Configuring Interface Settings
If physical interfaces are configured on the switch, specify which interfaces Cisco ICS manages while outbreak management tasks are active.
Note OPACL rules are applied to both inbound and outbound traffic for VLANs and inbound traffic for physical interfaces.
To configure interface settings, follow these steps:
Step 1 Choose Devices > Device List.
Step 2 Click a switch in the device list.
Step 3 Click Configure.
The Configure Cisco Switch window appears with the Communication Settings tab displayed by default.
Step 4 Click the Interface Settings tab or the VLAN Settings tab. The tabs available depend on your selection for ACL settings on the Add Device window.
The following information appears in the Interface Settings table:
•Interface Name—The name of the interface as configured for the switch. You cannot modify interface names from the Cisco ICS console.
•Direction—The traffic direction to which the ACL blocking settings are applied.
•ACL Settings—The names of ACLs applied to the interface.
–Pre-ACL—ACL commands that appear first in the ACL. Click Edit to modify.
–Current ACL—The combination of Pre-ACL, OPACL, and any preconfigured ACL currently applied to the interface. Click the link to view.
Step 5 Click Add Interface.
Step 6 Click the names of the switch interfaces to add.
Note Adding one interface could result in the automatic addition of other interfaces if they have the same ACL applied. Interfaces with the same ACL applied are grouped together.
Step 7 From the Direction list, choose the traffic direction to which the ACL blocking settings are applied:
•In
•Out
•In/Out
Step 8 Click Save.
A window appears, showing a summary of the interfaces you added. If you applied more than one interface to the same ACL, all the interfaces are added and grouped together.
Step 9 Click Close.
Verify that the interface was added to the summary table. If an outbreak management task is active, the Deploy to Network Devices link becomes active.
Step 10 Click Deploy to Network Devices to deploy the existing ACLs to the new interface.
Note If one or more outbreak management tasks are active and you add an interface, Cisco ICS does not apply the existing OPACL to the new interface. You must update the device manually by clicking Deploy to Network Devices.
Configuring VLAN Settings
If VLANs are configured on the switch, specify which VLANs Cisco ICS will manage while outbreak management tasks are active.
To configure VLAN settings, follow these steps:
Step 1 Choose Devices > Device List.
Step 2 Click a switch in the device list.
Step 3 Click Configure.
The Configure Cisco Switch window appears, with the Communication Settings tab displayed by default.
Step 4 Click the VLAN Settings tab. The tabs available depend on the selection for ACL settings on the Add Device window.
The following information appears on the VLAN Settings tab:
•VLAN Name—The name of the VLAN as configured for the switch. You cannot modify VLAN names from the Cisco ICS console.
•VLAN Interfaces—The number of interfaces associated with the VLAN.
•VLAN Map
–Pre-ACL—An ACL that applies to a VLAN map while an outbreak management task is active. The Pre-ACL is located first in the VLAN map.
–VLAN Map Name.
Step 5 Click Add VLAN.
Step 6 Click the names of the switch VLANs to add.
Step 7 Click Save. If you applied more than one VLAN to the same VLAN map, all the VLANs are added and grouped together.
Step 8 Click Close. Verify that the VLAN was added to the summary table. If an outbreak management task is active, the Deploy to Network Devices link becomes active.
Step 9 Click Deploy to Network Devices.
Note If one or more outbreak management tasks are active and you add a VLAN, Cisco ICS does not apply the existing OPACL to the new VLAN. You must update the device manually by clicking Deploy to Network Devices.
Configuring Routers
After you add a router and configure initial communication settings, configure the interface settings. If changes occur to router settings, such as the IP address or authentication credentials, modify the communications settings again.
This section describes how to configure interface settings for routers. It contains the following topic:
• Configuring Interface Settings
Configuring Interface Settings
You can specify which interfaces Cisco ICS will manage while outbreak management tasks are active.
To configure interface settings, follow these steps:
Step 1 Choose Devices > Device List.
Step 2 Click a router in the device list.
Step 3 Click Configure.
The Configure Cisco Router window appears, with the Communication Settings tab displayed by default.
Step 4 Click the Interface Settings tab. The following information appears:
•Interface Name—The name of the interface as configured for the router. You cannot modify interface names from the Cisco ICS console.
•Direction—The traffic direction to which the ACL blocking settings are applied.
•ACL Settings—The names of ACLs applied to the interface.
•Pre-ACL—ACL commands that appear first in the ACL. Click Edit to modify.
•Current ACL—The combination of Pre-ACL, OPACL, and any preconfigured ACL currently applied to the interface. Click the link to modify.
Step 5 Click Add Interface.
Step 6 Click the names of the router interfaces to add.
Step 7 From the Direction list, choose the traffic direction to which the ACL blocking settings are applied:
•In
•Out
•In/Out
Step 8 Click Save.
A window appears, showing a summary of the interfaces you added. If you applied more than one interface to the same ACL, all the interfaces are added and grouped together.
Step 9 Click Close. Verify that the interface was added to the summary table. If an outbreak management task is active, the Deploy to Network Devices link becomes active.
Step 10 Click Deploy to Network Devices to deploy the existing ACLs to the new interface.
Step 11 Click Save.
Note If one or more outbreak management tasks are active and you add an interface, Cisco ICS does not apply the existing OPACL to the new interface. You must update the device manually by clicking Deploy to Network Devices.
Copying Device Settings
If multiple devices require the same settings, you can configure one device and copy its settings to the others instead of configuring each device separately. Copying is possible between devices of the same type only.
To copy device settings, follow these steps:
Step 1 In the device list tree, click the device that has the settings you want to copy.
Step 2 Click Copy Settings.
The Copy Settings window appears.
Step 3 Select the devices to which you want to apply the settings. To select multiple devices, click a group folder or click the root icon to select all devices registered to the server.
Step 4 Click Copy.
A confirmation window appears.
Step 5 Click Back to return to the Device List window.
Managing Antivirus Installations
Cisco ICS is also a central point to access antivirus protection. If Trend Micro OfficeScan servers are installed on the network, you can log in to an OfficeScan server web console from the Cisco ICS web console. First, locate the OfficeScan servers on the network.
This section describes how to locate and access the OfficeScan servers on the network and contains the following topics:
• Locating OfficeScan Servers
• Accessing an OfficeScan Server
Locating OfficeScan Servers
To locate OfficeScan servers, follow these steps:
Step 1 Choose Devices > Device List.
Step 2 Click AV Locator in the top menu.
The Antivirus Product Locator window appears.
Step 3 In the Port to scan field, enter the port to use to scan for OfficeScan servers. This is the HTTP web port number used to access the OfficeScan servers.
Step 4 In the IP range field, enter a range of IP addresses in which to search.
Step 5 Next to Console Protocol, choose the type of protocol you use to connect to the OfficeScan server (HTTP or HTTPS).
Step 6 In the Port field, enter the port you use to access the OfficeScan server web console.
Step 7 Click Search.
The OfficeScan server details appear in the results window.
Step 8 Do one of the following:
•Check the check boxes next to the OfficeScan servers to add.
•Check the check box at the top to select all servers in the list.
Note If the OfficeScan server is already in the device list, a check box does not appear next to the OfficeScan server name.
Step 9 Click Snap-in.
The OfficeScan servers appear in the Device List. You can snap-in one OfficeScan server to more than one Cisco ICS server.
Accessing an OfficeScan Server
To access an OfficeScan server, follow these steps:
Step 1 Choose Devices > Device List.
Step 2 Click the AV Software group folder in the directory tree.
Step 3 Click the desired OfficeScan server in the device list.
Step 4 Click Configure.
The OfficeScan web console opens within the Cisco ICS web console. You can navigate to other Cisco ICS features by using the top menu.
