Академический Документы
Профессиональный Документы
Культура Документы
Step 5: Then Click on RUN button after clicking RUN button to check whether
installation started or not
Just right click on menu bar and select task bar and there you select
Process tab
Step 6: After Installation is completed system will ask for restart if you click OK
then system will
Immediately restarts otherwise system will restart automatically after 4
minutes.
Step 2: There you can click on Agent kit at the bottom of left side and when click
on that you will see
Following window
Step 3: Then you click on Desktops_Vx.x.x.x, when you click it will ask for saving
file
Step 4: Then save on desktop and double click on that and RUN file after
successful installation it will ask
For system restart click OK otherwise it will automatically restart the after
4 minutes.
HOW TO TROUBLESHOOT CSA RELATED ISSUE
Step 1: First you double click on CSA icon which is present at the left side corner of
the menu bar
When you double click on CSA icon then you will see following window
Step 2: When you opened you will see the tasks of the CSA at the right side of the
window
Like Status, security settings, personnel firewall and many more.
Step 3: To check the STATUS of the CSA just click on STATUS task and you will see
following subtask of
CSA
HOST NAME: The Computer name of the local host. If computer is in domain then
you will see hostname
As DC101433.EDNITS.COM and if computer is not in domain or in
WORKGROUP.
Then you will see hostname as that computer name.
MANAGEMENT CENTER: The name of the CSA MC server with which you are
registered and from which
You receive policies. Main thing you have to observe that
management center should be
Reachable. And if it showing not reachable means there is no LAN
on that PC.
REGISTRATION CODE: The date your agent registered with CSA MC.
LAST POLL TIME: The last time the agent successfully polled CSA MC and last poll
time should show
Present time. Suppose if it is not showing then you just click poll
batten.
LAST DOWNLOAD TIME: The last time the agent downloaded updates from CSA
MC.
Step 4: When you click on Security settings you will see following window
Step 5: In Security settings there are 3 main tasks like Security level, prevention
new network
Connection and Enable network lock after the specific network inactivity
time.
Security Level: The Low, Medium, and High security levels allow you to select an
administratively defined security policy.
Low: A Low security setting may cause the agent to detect the more commonly
known attacks that are easily distinguished from normal system behavior.
Medium: A Medium security setting may cause the agent to detect a wide range of
attacks similar to those detected at the high setting.
High: A High security setting may cause the agent to detect a wide range of both
known attacks and potential attack behavior.
Preventing New Network connection: When the Network Lock checkbox is enabled, your
system will not allow any new network connections until you disable this feature. Selecting the
checkbox enables the network lock.
Step 6: For Checking the Personnel Firewall you click on personnel firewall you will
see following screen
Enable Mode: To use the Personal Firewall, click the Enable checkbox. If Local
Learn Mode is not checked, then each time a new application attempts to
connect to the network, you will be asked whether this connection should be
permitted. If you respond no, then connections of this type will be denied in
the future. If you respond yes, then future connections of this type will be
allowed, assuming that they are not denied by other security policies.
Learn Mode: After Enabling the Personal Firewall, you may find that you get
a lot of query dialogs. By clicking the Local Learn Mode checkbox, you
instruct CSA to assume that all network connections not otherwise denied by
CSA policies are permitted. The application list on this screen will be
populated and will indicate that these applications are allowed to make
certain connections. In effect, the Local Learn Mode checkbox allows you to
bypass the query boxes while CSA learns what connections are permissible.
After a certain period of time, though, uncheck the Local Learn Mode box so
that you will be queried when applications you use infrequently attempt to
access the network.
Step 7: Anti Virus: When you click Anti Virus Tab task you will see the
following screen
Antivirus
The AntiVirus page allows users to update their local signature database,
perform on-demand virus scans, and manage quarantined files.
On-demand Scan
When you click on On-demand Scan you will see the following window.
To configure the On-demand Scan we need to follow the following procedure.
Directory scans are recursive. That is, all the subdirectories in the
directory you specify will be scanned in addition to the directory
you specify.
Fast: Performs the scan the most quickly and uses the most CPU
resources. It may prevent you from performing other tasks.
Slow: Performs the scan at a slow pace and uses the least
amount of CPU resources. It has the least impact on other
operations.
The Scan progress area displays the directory and file being
scanned and a summary of the number of files scanned, files
found to be infected, and elapsed time of the scan.
When the scan is complete, the tile bar of the window will read,
"AntiVirus On-demand scan [complete]."
You can add directories and files to the file protection field by browsing for
them or by entering them in the edit field using proper syntax. You can add
individual files to the file protection field by entering them in the edit field.
Generally, if an application attempts to open a file and make a network
connection, CSA queries the user to allow or deny the application from
editing the file and from making the network connection.
5. Click Add. The information in the edit field is now added to the file
protection pane and protected from all network access.
6. Click Apply.
7. When you are done adding files and folders to the file protection pane,
click OK.
Trusted Application: If you want to remove a file or program from the list of
untrusted applications in the Untrusted Applications window, right-click on
the entry in the edit box and select Mark As Trusted. This removes the
application from the untrusted list, making it trusted can see this in following
window.
Step 9: The very next step is User Query Response
Step 10.When you click on Event task you will get the following window.
Events
The Events window displays security-related messages, system errors, and
system status messages generated by Cisco Security Agent.
To view events, follow this procedure:
1. Click Events in the Tasks area of the Cisco Security Agent interface.
2. Select the set of events to display from the Event Type list box.
Selecting All Logged Security Events displays all securityrelated messages received by the agent, including those
generated before the agent interface was launched.
Clicking the View button launches a text file containing more detailed
information than the event type you have chosen to display.
Clicking the Purge button clears the messages displayed by the Recent
Events or All Logged Security Events event types. You can not purge the
messages displayed by the All Logged Events & Debug Messages event
type.
Step 11.The last task of the CSA is Contact Information.
Contact Information
This window allows you to provide contact information to the administrator,
including your name, telephone number, location, and email address. If your
system administrator has requested that you enter this information, do so
here and click the Apply button. CSA MC receives this contact data and the
administrator can now quickly locate you if your agent indicates that there is
a problem.