|
Table Of Contents
CiscoWorks Network Compliance Manager Alert Center
Installing CiscoWorks NCM Alert Center on a Windows Server
Installing the CiscoWorks NCM Alert Center
Installing the CiscoWorks NCM Alert Center in Debugging Mode
Uninstalling the CiscoWorks NCM Alert Center
Configuring the CiscoWorks NCM Alert Center
Configuring Services and Streams
Launching the CiscoWorks NCM Alert Center
Scheduling the CiscoWorks NCM Alert Center to Run as an External Application Task
Command Line Options, Importing Content, and Log Files
Installing CiscoWorks NCM Alert Center on a Solaris Server
Installing the CiscoWorks NCM Alert Center
Installing the CiscoWorks NCM Alert Center in Debugging Mode
Uninstalling the CiscoWorks NCM Alert Center
Configuring the CiscoWorks NCM Alert Center
Configuring Services and Streams
Launching the CiscoWorks NCM Alert Center
Command Line Options, Importing Content, and Log Files
Scheduling the CiscoWorks NCM Alert Center to Run as an External Application Task
Installing CiscoWorks NCM Alert Center on a Red Hat Enterprise Linux Server
Installing the CiscoWorks NCM Alert Center
Installing the CiscoWorks NCM Alert Center in Debugging Mode
Uninstalling the CiscoWorks NCM Alert Center
Configuring the CiscoWorks NCM Alert Center
Configuring Services and Streams
Launching the CiscoWorks NCM Alert Center
Command Line Options, Importing Content, and Log Files
Scheduling the CiscoWorks NCM Alert Center to Recur
Accessing the CiscoWorks NCM Documentation Set
Obtaining Documentation and Submitting a Service Request
Installation and Configuration Guide
CiscoWorks Network Compliance Manager Alert Center
This guide describes installing and configuring the CiscoWorks Network Compliance Manager (NCM) Alert Center on Windows, Solaris, and Red Hat Enterprise Linux platforms.
The CiscoWorks NCM Alert Center is a subscription service that provides network vulnerability alerts on an on-going basis. This guide will assist you in setting up the Alert Center to operate with CiscoWorks NCM.
The CiscoWorks NCM Alert Center is a unique security service. Unlike traditional alerts that are typically delivered via email, the Security Alert service delivers alerts as CiscoWorks NCM software compliance policies. As a result, you can rapidly identify all vulnerable devices across your network and perform remediation before your environment is compromised. With Alert Center, your CiscoWorks NCM server automatically checks for and downloads security alerts as they become available.
Note The CiscoWorks NCM Alert Center requires CiscoWorks NCM, Release 1.3 and the CiscoWorks NCM, Release 1.3 December 2007 Patch (NCM13P01.zip) available at http://www.cisco.com/cgi-bin/tablebuild.pl/cwncm-crypto
In some CiscoWorks NCM documentation, this patch is referred to as CWNCM13-Dec-2007-Critical-Bugfix-Patch.zip. Both names refer to this patch.This guide contains the following sections:
• Installing CiscoWorks NCM Alert Center on a Windows Server
• Installing CiscoWorks NCM Alert Center on a Solaris Server
• Installing CiscoWorks NCM Alert Center on a Red Hat Enterprise Linux Server
• Accessing the CiscoWorks NCM Documentation Set
• Obtaining Documentation and Submitting a Service Request
Note All documentation, including this document and any or all of the parts of the CiscoWorks NCM documentation set, might be upgraded over time. Therefore, we recommend you access the CiscoWorks NCM documentation set using the Cisco.com URL: http://www.cisco.com/en/US/products/ps6923/tsd_products_support_series_home.html
The Docs tab visible from within CiscoWorks NCM might not include links to the latest documents.
1 Installing CiscoWorks NCM Alert Center on a Windows Server
This section explains how to install and configure the CiscoWorks NCM Alert Center on a CiscoWorks NCM Windows server.
Pre-Installation Requirements
Before you begin to install CiscoWorks NCM Alert Center, make sure you have the following:
•The credentials to login into www.cisco.com and to reach the CWNCM software download location at http://www.cisco.com/cgi-bin/tablebuild.pl/cwncm-crypto
•Access to unzip or an equivalent archiving utility.
•A CiscoWorks NCM Windows server running successfully.
•Windows administrator access to the CiscoWorks NCM server.
•An SMTP Server set up and accessible from the CiscoWorks NCM server.
Installing the CiscoWorks NCM Alert Center
To install the CiscoWorks NCM Alert Center, do the following:
Step 1 Navigate to http://www.cisco.com/cgi-bin/tablebuild.pl/cwncm-crypto to download the Alert Center package.
Step 2 Enter your www.cisco.com username and password to login.
Step 3 Select the CWNCM1_3_AlertCenterInstaller-K9.zip file to download. When prompted, save the .zip file to a temporary location on your local drive such as Desktop.
Step 4 In the directory to which you downloaded the .zip file, unzip the file to a temporary directory. For example, C:\temp. Keep the subdirectory structure intact.
Step 5 Launch the Installer from the directory where the files were unzipped. For example, C:\temp\alert_center_cache\installer.exe.
The following prompt appears:
Enter your CiscoWorks NCM Username:
Step 6 Enter your CiscoWorks NCM username. The following prompt appears:
Enter your CiscoWorks NCM Password:
Step 7 Enter your CiscoWorks NCM password. This password will be encrypted. The following prompt appears:
Enter your Cisco.com username:
Step 8 Enter the Cisco.com username of the user that will be entitled to use the service. The following prompt appears:
Enter your purchase order number:
Step 9 Enter your purchase order number. The following prompt appears:
Enter your Sales Order number:
Step 10 Enter your Sales Order number. The following prompt appears:
Enter your company's name as it appears on the invoice:
Step 11 Enter your company's name as it appears on the invoice. The following prompt appears:
Enter the email address that the confirmation number should be sent to:
Step 12 Enter the email address that the confirmation number should be sent to. The following prompt appears:
Enter your full name:
Step 13 Enter your full name. A message appears that the installation was successful.
Step 14 Click Enter to exit the Installer and return to the prompt.
Step 15 An email will be sent to ncmac-subscription@cisco.com that contains the information used to authorize your Cisco.com account to the service.
If there is an error sending the email message, the following message appears: An error occurred when attempting to send the registration email to Cisco. Please send an email to ncmac-subscription@cisco.com that contains the content of the file <CWNCM_install_directory>\content\registration_email.txt. The install was otherwise successful.
You will need to wait for your account to be authorized before proceeding.
If the installation fails, uninstall CiscoWorks NCM Alert Center using the instructions in the "Uninstalling the CiscoWorks NCM Alert Center" section and install CiscoWorks NCM Alert Center in Debugging mode using the instructions in the "Installing the CiscoWorks NCM Alert Center in Debugging Mode" section. Capture the console output and logs and contact Cisco Technical Support.
Installing the CiscoWorks NCM Alert Center in Debugging Mode
You can launch the Installer in debug mode to create a log for debugging purposes. Launch the Installer from the directory where the files were unzipped. For example, C:\temp\alert_center_cache\installer.exe debug. The rest of the installation process is unchanged. The installer log created in debug mode is located in
<CWNCM_install_directory>\content\content_cache_install.log
Uninstalling the CiscoWorks NCM Alert Center
To uninstall the CiscoWorks NCM Alert Center, delete the following directory:
<CWNCM_install_directory>\content\alert_center_content_cache
Configuring the CiscoWorks NCM Alert Center
To configure authentication, do the following:
Step 1 Using a text editor, open the configuration file. By default, the configuration file is <CWNCM_install_directory>\content\alert_center_content_cache\conf\alert_center_content_cache.conf.
Step 2 At the username and password entries in the configuration file, type your www.cisco.com username and password.
Step 3 At the ncm_user and ncm_pass entries in the configuration file, type the CiscoWorks NCM administrator username and password.
Step 4 Check if the url variable in the configuration file is set to the following value:
https://upload.cisco.com/cgi-bin/swc/fileexg/main.cgi?CONTYPES=NCM-Streams
Step 5 Save your changes to the configuration file.
Step 6 To hash your password, open a command prompt in the <CWNCM_install_directory>\content\alert_center_content_cache\bin directory, and then run the following command:
alert_center_content_cache.exe --encrypt-password
When you first run the CiscoWorks NCM Alert Center, the CiscoWorks NCM Alert Center will automatically authenticate itself by detecting redirects. This authentication verifies that the location it is redirected to is an Cisco.com domain, and retrieves and provides cookies as needed.
Configuring Services and Streams
To configure services and streams, do the following:
Step 1 At a command prompt, enter the following command to view a list of available streams:
alert_center_content_cache.exe --list-streams
The format of the value returned by that command is platform, service, stream (stream.name). An example of a stream returned by this command is
ncm security vc_cisco (security.vc_cisco)
Each service that you want to have access to must have a section in the CiscoWorks NCM Alert Center configuration file.
If the alert_center_content_cache.conf file lacks a section for a service, edit the file and add a section as appropriate. By default, the configuration file is
<CWNCM_install_directory>\content\alert_center_content_cache\conf\alert_center_content_cache.exe
Step 2 Each stream in a service must be enabled in the configuration file in its service section. Set the value of a stream to 1 to enable the stream, or to 0 to disable that stream.
Launching the CiscoWorks NCM Alert Center
In addition to the steps in "Configuring the CiscoWorks NCM Alert Center" section, the CiscoWorks NCM Alert Center should have default values for its other configuration values. To launch the CiscoWorks NCM Alert Center, do the following:
Step 1 Open a command prompt, and then change to the <CWNCM_install_directory>\content\alert_center_content_cache\bin directory.
Step 2 Run the following command:
alert_center_content_cache.exe
Contents are imported into CiscoWorks NCM as Policies. To view the list of policies, navigate Policies > Policy List.
By default, the CiscoWorks NCM Alert Center will:
•Connect over SSL
•Re-attempt a failed download once
•Retain successfully downloaded files in the cache until they have been updated on the server.
Note The first update can take a significant amount of time.
Scheduling the CiscoWorks NCM Alert Center to Run as an External Application Task
To schedule the CiscoWorks NCM Alert Center to run as an external application task, do the following:
Step 1 Log in to CiscoWorks NCM.
Step 2 Navigate Tasks > New Task > Run External Application. The New Task - Run External Application window appears.
Step 3 In the Task Name field, enter Synchronize Security Service Alert.
Step 4 In the Start Date field, click Calendar and select the Wednesday of the current or following week. Then, edit the start time to read 5:00am local time (such as: 02-10-08 05:00). Security Alert updates are automatically released every Tuesday (Pacific Standard Time (PST) = GMT-8). In addition, they are released for immediate vulnerabilities based on alert criticality. It is recommended that you automate this task to run on Wednesday morning so as to capture new security alerts as they become available.
Step 5 In the Comments field, type: The Cisco Network: Security Alert Service Update Client.
Step 6 Under the Task Options section in the Run field, enter:
<CWNCM_install_directory>\content\alert_center_content_cache\bin\alert_center_content_cache.exe
Step 7 Leave the Start In field blank.
Step 8 In the Task Result field, select Treat non-zero result code as failed task.
Step 9 In the Text Output field, select the desired output method.
Step 10 Under the Scheduling Options section in the Retry Count field, you can either accept the default No Retry or select any of the other options.
Step 11 In the Retry Interval field, accept the default retry interval five minutes.
Step 12 In the Recurring Options field, select Weekly and Wed.
Step 13 In the Range of Recurrence field, accept the default No End Date.
Step 14 Click Save Task.
Command Line Options, Importing Content, and Log Files
This section describes command line options, importing content, and the CiscoWorks NCM Alert Center log file.
Command Line Options
To see the complete list of available command line options and the online Help, do the following:
Step 1 Open a command prompt and then change to the <CWNCM_install_directory>\content\alert_center_content_cache\bin directory.
Step 2 Run the following command:
alert_center_content_cache.exe --help
The following table shows some of the available options that can be called at the command line when launching the CiscoWorks NCM Alert Center. These options can also be set in the configuration file.
Note You must have the following to import content: CiscoWorks NCM administrator privileges and the correct CiscoWorks NCM Username and Password in the configuration file. You must be running CiscoWorks NCM to import content.
Importing Content
To help verify that the content was downloaded, the CiscoWorks NCM Alert Center calculates the MD5 sum of downloaded files and checks the result against the MD5 sum listed for the file in the stream. The CiscoWorks NCM Alert Center will update the cache file to list a file as downloaded if the download succeeds. The CiscoWorks NCM Alert Center retains the files in the cache unless it is instructed not to do so.
The CiscoWorks NCM Alert Center checks the return status of the import commands to see if the import succeeded. If the import succeeded, the CiscoWorks NCM Alert Center marks the file as imported and caches the information. Check the log file to make sure that the content imported successfully.
CiscoWorks NCM Alert Center Log File
By default, the CiscoWorks NCM Alert Center log file is named alert_center_content_cache.log and is located in the following directory:
<CWNCM_install_directory>\content\alert_center_content_cache\log
Also note that the log file name and location can be configured in the configuration file as:
logfile_path=log/alert_center_content_cache.log
2 Installing CiscoWorks NCM Alert Center on a Solaris Server
This section explains how to install and configure the CiscoWorks NCM Alert Center on a Solaris 9 or Solaris 10 server running CiscoWorks NCM.
Pre-Installation Requirements
The following are requirements for installing CiscoWorks NCM Alert Center on a Solaris server:
•Credentials to login into www.cisco.com and to reach the CWNCM software download location at http://www.cisco.com/cgi-bin/tablebuild.pl/cwncm-crypto
•Root permission to install software.
•Python 2.5 is required for the CiscoWorks NCM Alert Center to operate on Unix platforms. Cisco recommends that you use Python from ActiveState ( http://www.activestate.com/), as these are the Python implementations that are tested with the CiscoWorks NCM Alert Center installation. Python should be in your PATH variable.
Note CiscoWorks NCM 1.3 must be restarted after the Python PATH variable is updated on the system.
Installing the CiscoWorks NCM Alert Center
To install the CiscoWorks NCM Alert Center, do the following:
Step 1 Navigate to http://www.cisco.com/cgi-bin/tablebuild.pl/cwncm-crypto to download the Alert Center package.
Step 2 Enter your www.cisco.com username and password to login.
Step 3 Select the CWNCM1_3_AlertCenterInstaller-K9.zip file to download. When prompted, save the .zip file to a location on your local drive.
Step 4 At a command prompt, navigate to the directory that you downloaded the .zip to, and then type the following command to unzip the file:
unzip CWNCM1_3_AlertCenterInstaller-K9.zip
Step 5 To unzip the CiscoWorks NCM Alert Center Installer, type the following command:
gunzip alert-center-content-cache-solaris-installer.tar.gz
Step 6 To untar the CiscoWorks NCM Alert Center Installer, type the following command:
tar -xvf alert-center-content-cache-solaris-installer.tar
Step 7 To launch the Installer, type the following command:
./installer
The following prompt appears:
Enter your CiscoWorks NCM Username:
Step 8 Enter your CiscoWorks NCM username. The following prompt appears:
Enter your CiscoWorks NCM Password:
Step 9 Enter your CiscoWorks NCM password. This password will be encrypted. The following prompt appears:
Enter your Cisco.com username:
Step 10 Enter the Cisco.com username of the user that will be entitled to use the service. The following prompt appears:
Enter your purchase order number:
Step 11 Enter your purchase order number. The following prompt appears:
Enter your Sales Order number:
Step 12 Enter your Sales Order number. The following prompt appears:
Enter your company's name as it appears on the invoice:
Step 13 Enter your company's name as it appears on the invoice. The following prompt appears:
Enter the email address that the confirmation number should be sent to:
Step 14 Enter the email address that the confirmation number should be sent to. The following prompt appears:
Enter your full name:
Step 15 Enter your full name. A message appears that the installation was successful.
Step 16 Click Enter to exit the Installer and return to the prompt.
Step 17 An email will be sent to ncmac-subscription@cisco.com that contains the information used to authorize your Cisco.com account to the service.
If there is an error sending the email message, the following message appears: An error occurred when attempting to send the registration email to Cisco. Please send an email to ncmac-subscription@cisco.com that contains the content of the file <CWNCM_install_directory>/content/registration_email.txt The install was otherwise successful.
You will need to wait for your account to be authorized before proceeding.
If the installation fails, uninstall CiscoWorks NCM Alert Center using the instructions in the "Uninstalling the CiscoWorks NCM Alert Center" section and install CiscoWorks NCM Alert Center in Debugging mode using the instructions in the "Installing the CiscoWorks NCM Alert Center in Debugging Mode" section. Capture the console output and logs and contact Cisco Technical Support.
Installing the CiscoWorks NCM Alert Center in Debugging Mode
You can launch the Installer in debug mode to create a log for debugging purposes. To launch the Installer, enter the following command:
./installer debug
The rest of the installation process is unchanged. The installer log created in debug mode is located in
<CWNCM_install_directory>/content/content_cache_install.log
Uninstalling the CiscoWorks NCM Alert Center
To uninstall the CiscoWorks NCM Alert Center, delete the following directory:
pkgrm alert-center-content-cache
Configuring the CiscoWorks NCM Alert Center
To configure authentication, do the following:
Step 1 Add the path /opt/cisco/alert_center_content_cache/bin to your $PATH variable.
Step 2 Using a text editor, open the configuration file. By default, the configuration file is
/opt/cisco/etc/alert_center_content_cache/alert_center_content_cache.conf
Step 3 At the username and password entries in the configuration file, type your Cisco.com username and password.
Step 4 At the ncm_user and ncm_pass entries in the configuration file, type the CiscoWorks NCM administrator username and password.
Step 5 Check if the url variable in the configuration file is set to the following value:
https://upload.cisco.com/cgi-bin/swc/fileexg/main.cgi?CONTYPES=NCM-Streams
Step 6 Save your changes to the configuration file.
Step 7 To hash your password, run the following command:
alert_center_content_cache --encrypt-password
When you first run the CiscoWorks NCM Alert Center, the CiscoWorks NCM Alert Center will automatically authenticate itself by detecting redirects. This authentication verifies that the location it is redirected to is an cisco.com domain, and retrieves and provides cookies as needed.
Configuring Services and Streams
To configure services and streams, do the following:
Step 1 At a command prompt, enter the following command to view a list of available streams:
alert_center_content_cache --list-streams
The format of the value returned by that command is platform, service, stream (stream.name). An example of a stream returned by this command is
ncm security vc_cisco (security.vc_cisco)
Each service that you want to have access to must have a section in the CiscoWorks NCM Alert Center configuration file.
Step 2 If the alert_center_content_cache.conf file lacks a section for a service, edit the file and add a section as appropriate. By default, the configuration file is
/opt/cisco/etc/alert_center_content_cache/alert_center_content_cache.conf
Step 3 Each stream in a service must be enabled in the configuration file in its service section. Set the value of a stream to 1 to enable the stream, or to 0 to disable that stream.
Launching the CiscoWorks NCM Alert Center
In addition to the steps in "Configuring Services and Streams" section, the CiscoWorks NCM Alert Center should have default values for its other configuration values. Assuming that the CiscoWorks NCM Alert Center script is in $PATH, perform the following command to launch the CiscoWorks NCM Alert Center:
Step 1 At a command prompt, run the following command:
alert_center_content_cache
Contents are imported into CiscoWorks NCM as Policies. To view the list of policies, navigate Policies > Policy List.
By default, the CiscoWorks NCM Alert Center will:
•Connect over SSL
•Re-attempt a failed download once
•Retain successfully downloaded files in the cache until they have been updated on the server.
Note The first update can take a significant amount of time.
Command Line Options, Importing Content, and Log Files
This section describes command line options, importing content, and the CiscoWorks NCM Alert Center log file.
Command Line Options
To see the complete list of available command line options and the online Help, do the following:
Step 1 Open a command prompt.
Step 2 Run the following command:
alert_center_content_cache --help
The following table shows some of the available options that can be called at the command line when launching the CiscoWorks NCM Alert Center. These options can also be set in the configuration file.
Note You must have the following to import content: CiscoWorks NCM administrator privileges and the correct CiscoWorks NCM Username and Password in the configuration file. You must be running CiscoWorks NCM to import content.
Importing Content
To help verify that the content was downloaded, the CiscoWorks NCM Alert Center calculates the MD5 sum of downloaded files and checks the result against the MD5 sum listed for the file in the stream. The CiscoWorks NCM Alert Center will update the cache file to list a file as downloaded if the download succeeds. The CiscoWorks NCM Alert Center retains the files in the cache unless it is instructed not to do so.
The CiscoWorks NCM Alert Center checks the return status of the import commands to see if the import succeeded. If the import succeeded, the CiscoWorks NCM Alert Center marks the file as imported and caches the information. Check the log file to make sure that the content imported successfully.
CiscoWorks NCM Alert Center Log File
The CiscoWorks NCM Alert Center log file is named alert_center_content_cache.log and is located in the following directory:
/var/log/cisco/alert_center_content_cache/
Scheduling the CiscoWorks NCM Alert Center to Run as an External Application Task
To schedule the CiscoWorks NCM Alert Center to run as an external application task, do the following:
Step 1 Log in to CiscoWorks NCM.
Step 2 Navigate Tasks > New Task > Run External Application. The New Task - Run External Application window appears.
Step 3 In the Task Name field, enter Synchronize Security Service Alert.
Step 4 In the Start Date field, click Calendar and select the Wednesday of the current or following week. Then, edit the start time to read 5:00am local time (such as: 02-10-08 05:00). Security Alert updates are automatically released every Tuesday (Pacific Standard Time (PST) = GMT-8). In addition, they are released for immediate vulnerabilities based on alert criticality. It is recommended that you automate this task to run on Wednesday morning so as to capture new security alerts as they become available.
Step 5 In the Comments field, type: The Cisco Network: Security Alert Service Update Client.
Step 6 Under the Task Options section in the Run field, enter:
/opt/cisco/alert_center_content_cache/bin/alert_center_content_cache
Step 7 Leave the Start In field blank.
Step 8 In the Task Result field, select Treat non-zero result code as failed task.
Step 9 In the Text Output field, select the desired output method.
Step 10 Under the Scheduling Options section in the Retry Count field, you can either accept the default No Retry or select any of the other options.
Step 11 In the Retry Interval field, accept the default retry interval five minutes.
Step 12 In the Recurring Options field, select Weekly and Wed.
Step 13 In the Range of Recurrence field, accept the default No End Date.
Step 14 Click Save Task.
3 Installing CiscoWorks NCM Alert Center on a Red Hat Enterprise Linux Server
This section explains how to install and configure the CiscoWorks NCM Alert Center on a Red Hat Enterprise Linux 3 (RHEL3) server running CiscoWorks NCM.
Pre-Installation Requirements
The following are requirements for installing CiscoWorks NCM Alert Center on a Red Hat Enterprise Linux server:
•Make sure you have the credentials to login into www.cisco.com and to reach the CWNCM software download location at http://www.cisco.com/cgi-bin/tablebuild.pl/cwncm-crypto
•Python 2.5 is required for the CiscoWorks NCM Alert Center to operate on Unix platforms. Cisco recommends that you use Python from ActiveState ( http://www.activestate.com/), as these are the Python implementations that are tested with the CiscoWorks NCM Alert Center installation. Python should be in your PATH variable.
Note CiscoWorks NCM 1.3 must be restarted after the Python PATH variable is updated on the system.
Installing the CiscoWorks NCM Alert Center
Step 1 Navigate to http://www.cisco.com/cgi-bin/tablebuild.pl/cwncm-crypto to download the Alert Center package.
Step 2 Enter your www.cisco.com username and password to login.
Step 3 Select the CWNCM1_3_AlertCenterInstaller-K9.zip file to download. When prompted, save the .zip file to a location on your local drive.
Step 4 At a command prompt, navigate to the directory that you downloaded the .zip to, and then type the following command to unzip the file:
unzip CWNCM1_3_AlertCenterInstaller-K9.zip
Step 5 To unzip the CiscoWorks NCM Alert Center Installer, type the following command:
gunzip alert-center-content-cache-linux-installer.tar.gz
Step 6 To untar the CiscoWorks NCM Alert Center Installer, type the following command:
tar -xvf alert-center-content-cache-linux-installer.tar
Step 7 To launch the Installer, type the following command:
./installer
The following prompt appears:
Enter your CiscoWorks NCM Username:
Step 8 Enter your CiscoWorks NCM username. The following prompt appears:
Enter your CiscoWorks NCM Password:
Step 9 Enter your CiscoWorks NCM password. This password will be encrypted. The following prompt appears:
Enter your Cisco.com username:
Step 10 Enter the Cisco.com username of the user that will be entitled to use the service. The following prompt appears:
Enter your purchase order number:
Step 11 Enter your purchase order number. The following prompt appears:
Enter your Sales Order number:
Step 12 Enter your Sales Order number. The following prompt appears:
Enter your company's name as it appears on the invoice:
Step 13 Enter your company's name as it appears on the invoice. The following prompt appears:
Enter the email address that the confirmation number should be sent to:
Step 14 Enter the email address that the confirmation number should be sent to. The following prompt appears:
Enter your full name:
Step 15 Enter your full name. A message appears that the installation was successful.
Step 16 Click Enter to exit the Installer and return to the prompt.
Step 17 An email will be sent to ncmac-subscription@cisco.com hat contains the information used to authorize your Cisco.com account to the service.
If there is an error sending the email message, the following message appears: An error occurred when attempting to send the registration email to Cisco. Please send an email to ncmac-subscription@cisco.com that contains the content of the file <CWNCM_install_directory>/content/registration_email.txt The install was otherwise successful.
You will need to wait for your account to be authorized before proceeding.
If the installation fails, uninstall CiscoWorks NCM Alert Center using the instructions in the "Uninstalling the CiscoWorks NCM Alert Center" section and install CiscoWorks NCM Alert Center in Debugging mode using the instructions in the "Installing the CiscoWorks NCM Alert Center in Debugging Mode" section. Capture the console output and logs and contact Cisco Technical Support.
Installing the CiscoWorks NCM Alert Center in Debugging Mode
You can launch the Installer in debug mode to create a log for debugging purposes. To launch the Installer, enter the following command:
./installer debug
The rest of the installation process is unchanged. The installer log created in debug mode is located in
CWNCM_install_directory/content/content_cache_install.log
Uninstalling the CiscoWorks NCM Alert Center
To uninstall the CiscoWorks NCM Alert Center, run the following command:
rpm -e alert-center-content-cache
Delete the following directory:
/var/opt/cisco/alert_center_content_cache
Configuring the CiscoWorks NCM Alert Center
To configure authentication, do the following:
Step 1 Add the path /opt/cisco/alert_center_content_cache/bin to your $PATH variable.
Step 2 Using a text editor, open the configuration file. By default, the configuration file is
/opt/cisco/etc/alert_center_content_cache/alert_center_content_cache.conf
Step 3 At the username and password entries in the configuration file, type your Cisco.com username and password.
Step 4 At the ncm_user and ncm_pass entries in the configuration file, type the CiscoWorks NCM administrator username and password.
Step 5 Check if the url variable in the configuration file is set to the following value:
https://upload.cisco.com/cgi-bin/swc/fileexg/main.cgi?CONTYPES=NCM-Streams
Step 6 Save your changes to the configuration file.
Step 7 To hash your password, run the following command:
alert_center_content_cache --encrypt-password
When you first run the CiscoWorks NCM Alert Center , the CiscoWorks NCM Alert Center will automatically authenticate itself by detecting redirects. This authentication verifies that the location it is redirected to is an cisco.com domain, and retrieves and provides cookies as needed.
Configuring Services and Streams
To configure services and streams, do the following:
Step 1 At a command prompt, enter the following command to view a list of available streams:
alert_center_content_cache --list-streams
The format of the value returned by that command is platform, service, stream (stream.name). An example of a stream returned by this command is
ncm security vc_cisco (security.vc_cisco)
Each service that you want to have access to must have a section in the CiscoWorks NCM Alert Center configuration file.
Step 2 If the alert_center_content_cache.conf file *lacks a section for a service, edit the file and add a section as appropriate. By default, the configuration file is
/opt/cisco/etc/alert_center_content_cache/alert_center_content_cache.conf
Step 3 Each stream in a service must be enabled in the configuration file in its service section. Set the value of a stream to 1 to enable the stream, or to 0 to disable that stream.
Launching the CiscoWorks NCM Alert Center
In addition to the steps in "Configuring Services and Streams" section, the CiscoWorks NCM Alert Center should have default values for its other configuration values. Assuming that the CiscoWorks NCM Alert Center script is in $PATH, perform the following command to launch the CiscoWorks NCM Alert Center:
Step 1 At a command prompt, run the following command:
alert_center_content_cache
Contents are imported into CiscoWorks NCM as Policies. To view the list of policies, navigate Policies > Policy List.
By default, the CiscoWorks NCM Alert Center will:
•Connect over SSL
•Re-attempt a failed download once
•Retain successfully downloaded files in the cache until they have been updated on the server.
Note The first update can take a significant amount of time.
Command Line Options, Importing Content, and Log Files
This section describes command line options, importing content, and the CiscoWorks NCM Alert Center log file.
Command Line Options
To see the complete list of available command line options and the online Help, do the following:
Step 1 Open a command prompt.
Step 2 Run the following command:
alert_center_content_cache --help
The following table shows some of the available options that can be called at the command line when launching the CiscoWorks NCM Alert Center. These options can also be set in the configuration file.
Note You must have the following to import content: CiscoWorks NCM administrator privileges and the correct CiscoWorks NCM Username and Password in the configuration file. You must be running CiscoWorks NCM to import content.
Importing Content
To help verify that the content was downloaded, the CiscoWorks NCM Alert Center calculates the MD5 sum of downloaded files and checks the result against the MD5 sum listed for the file in the stream. The CiscoWorks NCM Alert Center will update the cache file to list a file as downloaded if the download succeeds. The CiscoWorks NCM Alert Center retains the files in the cache unless it is instructed not to do so.
The CiscoWorks NCM Alert Center checks the return status of the import commands to see if the import succeeded. If the import succeeded, the CiscoWorks NCM Alert Center marks the file as imported and caches the information. Check the log file to make sure that the content imported successfully.
CiscoWorks NCM Alert Center Log File
The CiscoWorks NCM Alert Center log file is named alert_center_content_cache.log and is located in the following directory:
/var/log/cisco/alert_center_content_cache/
Scheduling the CiscoWorks NCM Alert Center to Recur
To schedule the CiscoWorks NCM Alert Center to run as an external application task, do the following:
Step 1 Log in to CiscoWorks NCM.
Step 2 Navigate Tasks > New Task > Run External Application. The New Task - Run External Application window appears.
Step 3 In the Task Name field, enter Synchronize Security Service Alert.
Step 4 In the Start Date field, click Calendar and select the Wednesday of the current or following week. Then, edit the start time to read 5:00am local time (such as: 02-10-08 05:00). Security Alert updates are automatically released every Tuesday (Pacific Standard Time (PST) = GMT-8). In addition, they are released for immediate vulnerabilities based on alert criticality. It is recommended that you automate this task to run on Wednesday morning so as to capture new security alerts as they become available.
Step 5 In the Comments field, type: The Cisco Network: Security Alert Service Update Client.
Step 6 Under the Task Options section in the Run field, enter:
/opt/cisco/alert_center_content_cache/bin/alert_center_content_cache
Step 7 Leave the Start In field blank.
Step 8 In the Task Result field, select Treat non-zero result code as failed task.
Step 9 In the Text Output field, select the desired output method.
Step 10 Under the Scheduling Options section in the Retry Count field, you can either accept the default No Retry or select any of the other options.
Step 11 In the Retry Interval field, accept the default retry interval five minutes.
Step 12 In the Recurring Options field, select Weekly and Wed.
Step 13 In the Range of Recurrence field, accept the default No End Date.
Step 14 Click Save Task.
4 Known Issues
The following are known issues in CiscoWorks NCM Alert Center, Version 1.2.1, Revision 3.
Description: On Windows platform, after using Control-C to abort a running alert_center_content_cache.exe task, you cannot execute subsequent alert_center_content_cache.exe tasks.
Workaround: Remove the file:
<CWNCM install directory>\content\alert_center_cache_content\alert_center_content_cache.lock
Then retry the alert_center_content_cache.exe task.
Description: If the CiscoWorks NCM Alert Center installation process on a Windows or Linux server is aborted with Control-C, the partially installed data will not be cleaned. As a result, trying to install CiscoWorks NCM Alert Center again will result in Exit with error.
Workaround:
On Windows: Prior to rerunning the CiscoWorks NCM Alert Center installer, remove the following directory:
<CWNCM install directory>\content\alert_center_content_cache
On Linux: Prior to rerunning the CiscoWorks NCM Alert Center installer, run the following command:
rpm -e alert-center-content-cache
Description: On all CiscoWorks NCM Alert Center platforms, after deleting all policies for a particular stream, the default import does not add alert contents into CiscoWorks NCM for that stream.
For example:
Navigate Policies >Policy List. If all policies from security stream vc_cisco are deleted, re-run alert_center_content_cache for vc_cisco security stream. By default, this does not import alert contents for vc_cisco security stream.
Workaround: Delete the file downloads.cache.
On Windows platform: <CWNCM Install Path>\content\alert_center_content_cache\cache\downloads.cache
On Solaris platform: /var/opt/cisco/alert_center_content_cache/cache/downloads.cache
On Linux platform: /var/opt/cisco/alert_center_content_cache/cache/downloads.cache
Note Editing the downloads.cache file is not recommended.
Description: Modification of the Cisco.com encrypted password in the configuration file displays the stack trace with the error message: Error: Incorrect padding.
Workaround: Re-type the password and run the following command:
alert_center_content_cache --encrypt-password
5 Accessing the CiscoWorks NCM Documentation Set
You can access the entire CiscoWorks Network Compliance Manager documentation set from the following Cisco.com URL:
http://www.cisco.com/en/US/products/ps6923/tsd_products_support_series_home.html
From here you can navigate to any documentation for CiscoWorks NCM 1.3 you will need.
Tip To cut and paste a two-line URL into the address field of your browser, you must cut and paste each line separately to get the entire URL without a break.
Note All documentation, including this document and any or all of the parts of the CiscoWorks NCM documentation set, might be upgraded over time. Therefore, we recommend you access the CiscoWorks NCM documentation set using the Cisco.com URL: http://www.cisco.com/en/US/products/ps6923/tsd_products_support_series_home.html
Note The Docs tab visible from within Network Compliance Manager might not include links to the latest documents.
6 Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
Posted: Thu Feb 14 11:21:35 PST 2008
All contents are Copyright © 1992--2008 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.