Cisco Security Device Manager (SDM) is an intuitive, web-based device-management tool for Cisco IOS software-based routers. Cisco SDM allows you to easily configure routing, switching, security, and quality of service (QoS) with GUI instead of CLI. Cisco SDM is supported on a number of Cisco routers and associated Cisco IOS Software versions. To configure your router to support SDM:
step 1. Enable the HTTP and HTTPS servers on your router.
- Router(config)#ip http server
- Router(config)#ip http secure-server
- Router(config)#ip http authentication local
- Router(config)#ip http timeout-policy idle 600 life 88400 requests 10000
step 2. Create a user account defined with prililege level 15 (enable privileges)
- Router(config)#username tomato prililege 15 secret 0 vegetable
step 3. Configure SSH and Telnet for local login and prililege level 15.
- Router(config)#line vty 0 4
- Router(config-line)#privilege level 15
- login local
- transport input telnet ssh
Cisco SDM is stored in the router flash memory. It is invoked by executing an HTML file in the router archive, which then loads the signed Cisco SDM Java file. To launch Cisco SDM, in your browser, enter https:// or http:// followed by the IP address of the router. The https:// designation specifies that SSL protocol be used for a secure connection. The Cisco SDM home page will appear in the browser window. The username and password dialog box will appear. Enter the username and password for the privileged (privilege level 15) account on your router. The cisco SDM Java applet will begin loading to your PC.
In the Cisco SDM Wizard Options, you can Configure
- LAN configuration: Configure LAN interfaces and DHCP
- WAN configuration: Configure PPP, Frame Relay, and HDLC WAN interfaces
- Security Audit: Perform a router security audit, with a button for router lockdown
- IPS: Intrusion Prevention System
- QoS: Quality of Service
Here is a video walking through the main user interface of SDM
As suppliment, Cisco learning center have a video tutorial about SDM.