Filter
Top Products
Chapter 7. Network enforcement subsystem implementation 225
filename is the name of the file in which you want CSUtil.exe to write all
attribute definitions. Example 7-2 shows the execution of this command.
Example 7-2 Import Security Compliance Manager attribute
C:\Program Files\CiscoSecure ACS v4.0\Utils>CSUtil -addavp
c:\Temp\avplist.txt
Attribute 2:50:1 (Application-Posture-Token) automatically added to
registry
Attribute 2:50:2 (System-Posture-Token) automatically added to registry
[attr#0]: Attribute 2:50:10 (Action) added to registry
[attr#1]: Attribute 2:50:20 (Policy Version) added to registry
[attr#2]: Attribute 2:50:21 (Violation number) added to registry
=== AVP Summary ===
3 AVPs were added to the registry
In addition, 2 AVPs were automatically added to the registry
=== IMPORTANT NOTICE ===
Please restart the following services:
- CSAdmin
- CSAuth
- CSLog
C:\Program Files\CiscoSecureACS v4.0\Utils>
4. To make the Security Compliance Manager attribute definitions take effect,
restart the CSAuth, CSLog, and CSAdmin services by entering the following
commands at the command prompt, allowing the computer time to perform
each command:
net stop csauth
net start csauth
net stop cslog
net start cslog
net stop csadmin
net start csadmin
5. ACS should now be aware of the Security Compliance Manager attributes. To
verify this, run the command:
csutil.exe –dumpavp filename