Cisco Unified MeetingPlace, Release 7.0 -- Using Cisco Security Agent (CSA) on the Application Server
Main page: Cisco Unified MeetingPlace, Release 7.0
Up one level: Configuration
The Cisco Security Agent (CSA) is an application that provides system and data security and allows you to monitor the activities on your system. The CSA is automatically installed on the Application Server with Cisco Unified MeetingPlace and requires no configuration. The red flag at the bottom-right corner of the screen indicates that CSA is running and active on your system.
The CSA consists of a set of rules that govern which users and applications can alter or query critical file systems. It also provides security on ports to minimize unauthorized system logins for malicious purposes. The CSA logs violations of any of the security rules. You may peruse the log periodically to determine what attempted activities were blocked.
Because the CSA application that is included with Cisco Unified MeetingPlace is a standalone version:
- You cannot use the CSA Management Console.
- If a newer version of CSA comes out, you must manually upgrade CSA on the Application Server. See Upgrading Cisco Security Agent (CSA) on the Application Server.
- Log in to the console.
- Right-click the red CSA flag in the bottom right.
- Choose Open Agent Panel.
- To change the level of security for your system:
- Click System Security.
- Move the security level slide bar to the new security level.
- Note: We recommend that you keep the security level at medium or high.
- Click Status > Messages > View log to display the logged security events.
- (Optional) Click Purge log to remove the entries that appear on the Status > Messages window.
- Doing this regularly can help you track new events.
- Note: Clicking Purge log does not affect the logs under /var/log/csalog.