Home > Articles > Certification > Cisco Certification > CCNP Security / CCSP

  • Print
  • + Share This
This chapter is from the book


CiscoWorks is the heart of the Cisco family of comprehensive network management tools that allow you to access and manage the advanced capabilities of the Cisco AVVID (Architecture for Voice, Video and Integrated Data) easily. It provides the foundation upon which Firewall MC (and other management center applications such as the AUS) is built. Therefore, before you can access the Firewall MC application, you must first log in to CiscoWorks. To use Firewall MC, you need to understand the following CiscoWorks functionality:

  • Login process

  • User authorization roles

  • Adding users

Login Process

To access the applications supported by CiscoWorks, such as Firewall MC and AUS, you must first log in to the CiscoWorks server desktop. The CiscoWorks server desktop is the interface used for CiscoWorks network management applications, such as Firewall MC.

To log in to CiscoWorks, you connect to the CiscoWorks desktop using a web browser. By default, the CiscoWorks web server listens on port 1741. So, if your CiscoWorks desktop is on a machine named CW.cisco.com through your Domain Name System (DNS) with an IP address of, you could connect to it by entering either of the following Universal Resource Locators (URLs):

  • http://CW.cisco.com:1741/



You can also enable CiscoWorks to use HTTP over SSL (HTTPS) instead of HTTP. When you install some management centers (such as the Management Center for Cisco Security Agents), they enable HTTPS on CiscoWorks automatically. When HTTPS is enabled, you need to connect to port 1742.

At the initial CiscoWorks window, log in to CiscoWorks by entering a valid username and password (see Figure 14-1).


Initially, you can log in using the administration account created during installation. The default value is admin for both the username and password (unless you changed these values during the installation process). For security reasons, you should change these values.

Figure 1Figure 14-1 CiscoWorks Login Window

User Authorization Roles

CiscoWorks enables you to define different roles for different users. A role can enable a user to perform specific operations when using CiscoWorks and any of the applications that are built upon CiscoWorks (such as Firewall MC). CiscoWorks supports five different user roles that are relevant to Firewall MC operations (see Table 14-3).

Table 14.3 CiscoWorks User Roles

User Role


Help Desk

Provides read-only access for the entire system


Can review policy changes and accept or reject changes

Network Operator

Can create and submit jobs

Network Administrator

Can perform administrative tasks on Firewall MC

System Administrator

Performs all operations


You can assign each user multiple authorization roles (depending on the user’s responsibilities). CiscoWorks also supports two other roles: Export Data and Developer. These roles are not relevant to the Firewall MC operations.

Adding Users

As part of your Firewall MC configuration, you must configure accounts for the various users that need to access Firewall MC. The CiscoWorks Add User window enables you to create new accounts that have access to the CiscoWorks applications. To create a new account in CiscoWorks, perform the following steps:

  1. Log in to the CiscoWorks desktop.

  2. Choose Server Configuration > Setup > Security > Add Users. The Add User window appears (see Figure 14-2).

  3. Figure 2Figure 14-2 CiscoWorks Add User Window

  4. Enter values for the new user (Table 14-4 describes the various fields).

  5. Table 14.4 CiscoWorks Add User Fields



    User Name

    Username of the account being added

    Local Password

    Password for the new user

    Confirm Password

    Confirmation of the user’s password


    (Optional) User’s e-mail address

    CCO Login

    (Optional) User’s Cisco Connection Online (CCO) login name

    CCO Password

    User’s CCO password (required only if CCO login is specified)CH14000.jpg

    Confirm Password

    Confirmation of user’s CCO password (required only if CCO password is entered)

    Proxy Login

    (Optional) User’s proxy login (required only if your network requires use of a proxy server)

    Proxy Password

    User’s proxy password (required only if Proxy Login is specified)

    Confirm Password

    Confirmation of user’s proxy login (required only if Proxy Login is specified)

  6. Using the Roles section of the Add User window, select the roles associated with the user’s responsibilities. You can assign multiple roles to a single user, giving that user a combination of user rights.

  7. Click Add to complete the addition of the user to the CiscoWorks database.

  • + Share This
  • 🔖 Save To Your Account