Manualshelf

Installation guide

ManualsBrandsCisco ManualsComputer equipmentExplorer 4700
12345678910
1-2
Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance
OL-26645-02
Chapter 1 Overview
Information About the ACE No Payload Encryption Software Version
Helps you manage ACE appliance licenses and role-based access control (RBAC).
Provides a monitoring interface with a flexible choice of statistics and graphs.
Enables you report any problem with the ACE appliance using the Lifeline feature, which allows
you to forward critical information about the problem to Cisco Technical Support.
Offers task-based context-sensitive help from each screen, providing information about fields on the
screen and related procedures.
For more information on how to get started quickly, see the Getting Started Guide, Cisco ACE 4700
Series Application Control Engine Appliance.
Information About the ACE No Payload Encryption
Software Version
Beginning with ACE software Version A5(2.0), Cisco makes available the following two ACE software
versions:
ACE Payload Encryption (PE)—CLI commands related to payload encryption protocols are
enabled. The ACE uses the payload encryption protocols to encrypt through-the-box traffic, such as
IPsec, SSL VPN, and other secure voice protocols. The ACE PE software version contains the same
payload encryption functionality found in previous ACE software versions.
ACE No Payload Encryption (NPE)—CLI commands related to payload encryption protocols are
either removed or do not function because the key encryption configuration commands have been
removed. The new ACE NPE software version supports customers located in countries where the
United States has imposed export restrictions on crypto functions. Without the use of payload
encryption protocol commands, you cannot configure the ACE to perform data encryption tasks,
such as configuring it as a virtual Secure Sockets Layer (SSL) server for SSL initiation or
termination.
Modifications made to the ACE NPE software version do not affect management protocols, such as SSH,
which is required to access the Device Manager GUI. For more information, see the “Using the Setup
Script to Enable Connectivity to the Device Manager” section in the Cisco 4700 Series Application
Control Engine Appliance Administration Guide.
When using the ACE NPE software version, Device Manager includes the following modifications:
The SSL configuration tab (Config > Virtual Contexts > SSL) is removed to prevent access to the
main SSL configuration windows.
In GUI sections that typically contain encryption-related configuration attributes, the attributes are
either removed or you are not permitted to configure them. If you attempt to configure an
encryption-related attribute, Device Manager does not allow you to deploy the configuration.
In GUI sections that display monitored attributes that include encryption-related attributes (such as
SSL connection rate), the encryption-related attributes may be listed but do not show any values
associated with them.
This guide and the Device Manager online help contain notes where information about
encryption-related attributes is affected when using the ACE NPE software version.