Smart Software Manager On-Prem Console
“
Specifications:
- Product Name: Cisco Smart Software Manager On-Prem Console
- Version: 9 Release 202504
- Published: 10/2/19
- Modified: 8/5/2025
- Manufacturer: Cisco Systems, Inc.
- Headquarters: San Jose, CA, USA
- Website: http://www.cisco.com
- Contact: Tel – 408 526-4000, 800 553-NETS (6387), Fax – 408
527-0883
Product Usage Instructions:
Preface:
This section provides information on the objectives and
organization of the document and guides users on finding additional
related information. It includes sections like Objectives, Related
Documentation, and Document Conventions.
Objectives:
The document gives an overview of the software functionality
specific to Cisco Smart Software Manager On-Prem (SSM On-Prem). It
focuses on the application’s specific software aspects rather than
covering all features.
Refers to additional documentation that can assist in
configuring SSM On-Prem. Important guides, references, and release
notes associated with Cisco Smart Software On-Prem are listed.
Users can access these online resources for detailed
information.
Document Conventions:
The documentation uses specific conventions to guide users
through the content. These include bold text for commands and
keywords, italic for user-supplied values, square brackets for
optional elements, and more. Examples are provided to illustrate
these conventions.
FAQ:
Q: Where can I find the Cisco Smart Software Manager On-Prem
User Guide?
A: The User Guide is available online on the Cisco website under
the Smart Software Manager On-Prem section.
Q: How can I migrate to Cisco Smart Software Manager
On-Prem?
A: Refer to the Migration Guide provided in the Related
Documentation section for detailed steps on migrating to SSM
On-Prem.
Q: What is the purpose of the Cisco Smart Software Manager
On-Prem Console?
A: The Console serves as a platform for managing software
functionality specific to SSM On-Prem, offering a centralized
interface for software management tasks.
“`
Cisco Smart Software Manager On-Prem Console Reference Guide
Version 9 Release 202504
First Published: 10/2/19 Last Modified: 8/5/2025 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883
1 Cisco Confidential
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http://www.cisco.com/go/trademarks. Thirdparty trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
The Java logo is a trademark or registered trademark of Sun Microsystems, Inc. in the U.S., or other countries
2 Cisco Confidential
CONTENTS
PREFACE ………………………………………………………………………………………………………………………. 4 Objectives ……………………………………………………………………………………………………………….. 4 Related Documentation ……………………………………………………………………………………………… 4 Document Conventions ……………………………………………………………………………………………… 4 Obtaining Documentation and Submitting a Service Request ……………………………………………. 6
INTRODUCTION TO CISCO SMART SOFTWARE MANAGER ON-PREM CONSOLE …………………………………….. 6 About the SSM On-Prem Console ……………………………………………………………………………….. 6 On-Prem Console Help Command Descriptions …………………………………………………………….. 6 Using the TCPDUMP on On-Prem Console………………………………………………………………………………………………………………………11 Using the Password_Policy Command on On-Prem Console………………………………………………………………………………….12 Example of the Docker_Network_Config Command on On-Prem Console……………………………………………………….12
Cisco Confidential
Cisco Smart Software Manager On-Prem Console Guide
Preface
This section describes the objectives and organization of this document and explains how to find additional information on related products and services. This preface contains these sections.
Objectives
This document provides an overview of software functionality specific to the Cisco Smart Software Manager On-Prem (SSM On-Prem). It is not intended as a comprehensive guide to all the software features that can be run, but only the specific software aspects to this application.
Related Documentation
This section refers to other documentation that also might be useful as you configure your SSM OnPrem. This document covers important information for the SSM On-Prem and is available online. Listed below are other guides, references, and release notes associated with Cisco Smart Software On-Prem. Cisco Smart Software Manager On-Prem User Guide
Cisco Smart Software Manager On-Prem Installation Guide
Cisco Smart Software Manager On-Prem Migration Guide
Cisco Smart Software Manager On-Prem Release Notes
Document Conventions
This documentation uses the following conventions:
Convention
Description
bold
Bold text indicates the commands and keywords used in one or more step(s).
Italic
Italic text indicates arguments for which the user supplies the values or a citation from another document
[x]Square brackets enclose an optional element (keyword or argument).
[x | y]Square brackets enclosing keywords or arguments separated by a vertical bar indicate an optional choice.
{x | y}
Braces enclosing keywords or arguments separated by a vertical bar indicate a required choice.
4 Cisco Confidential
Convention [x {y | z}] variable string
Description
Cisco Smart Software Manager On-Prem Console Guide
Nested set of square brackets or braces indicates optional or required choices within optional or required elements. Braces and a vertical bar within square brackets indicate a required choice within an optional element.
Indicates a variable for which you supply a value, in context where italics cannot be used.
A non-quoted set of characters. Do not use quotation marks around the string or the string will include the quotation marks.
Examples for the following conventions:
Convention
Description
screen font
Terminal sessions and information switch displays are in screen font.
boldface screen font Information you must enter is in boldface screen font.
italic screen font
Arguments for which you supply values are in italic screen font.
< >
Nonprinting characters, such as passwords, are in angle brackets.
[ ]Default responses to system prompts are in square brackets.
!, #
An exclamation point (!) or a pound sign (#) at the beginning of a line of
code indicates a comment line.
This document uses the following call-out conventions:
NOTE
This means the reader takes note. Notes contain helpful suggestions or references to material not covered in the manual.
CAUTION
This means the reader to be careful. In this situation, you might do something that could result in equipment damage or loss of data
5 Cisco Confidential
Cisco Smart Software Manager On-Prem Console Guide
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation.
Introduction to Cisco Smart Software Manager OnPrem Console
About the SSM On-Prem Console
The SSM On-Prem console is a Command Line Interpreter (CLI) used to deploy, configure, and manage SSM On-Prem. The On-Prem Console (On-Prem) is Linux-based and provides a secure approach for managing SSM On-Prem. Once you have deployed On-Prem, navigate to the CLI. The following On-Prem Console help commands are specific to High Availability. Use the following command to open the SSH shell:
>>ssh admin@<ip address of server> You are prompted for the password. Enter your admin password.
<Admin password>
Then use this command to access the On-Prem Console type: onprem-console
To access the help menu type: help or enter “?”
To get help on each command type: Help <command> or enter “?”
Where <command> is replaced by a command in the help definitions table.
On-Prem Console Help Command Descriptions
The following On-Prem Console help commands (in alphabetical order).
Command
arp
Description/Action
(Address Resolution Protocol) This command displays and modifies entries in the ARP cache, that contain one or more tables used to store IP addresses and their resolved Ethernet or Token ring physical addresses. The table contains the following columns:
6 Cisco Confidential
Command
change_log_level change_password copy
curl database_backup database_restore
Cisco Smart Software Manager On-Prem Console Guide
Description/Action
· Address: IP Address · HWtype: (for example ether,) · HWaddress: in hexadecimal format · Flags Mask: · Iface: shows the interface being used
Use this command to configure the system log level. It allows you to adjust the amount and type of information recorded in system logs. This helps control log verbosity.
Opens the change password prompt. Follow the steps from the prompts to change your password for the admin onprem console. NOTE: CiscoAdmin!2345 is the default admin console password NOTE: Console and Admin passwords are independent and need to be changed separately.
Copies a specified file or directory. The copy command only works with SCP protocol. The copy command would follow this general format: copy username@domain:/source_file/destination_dir: Here is a specific example of the copy command: copy user@domain.com:/path/SSM_On-Prem_9202407.sh patches:
NOTE: The copy command in SSM On-Prem only supports FIPSsupported ciphers. NOTE: Some versions of winscp do not work with On-Prem due to a bug in winscp code. If winscp is not working with On-Prem please use git bash as an alternative.
Transfers data to/from a network server using a supported protocol such as HTTP, HTTPS, LDAP, etc. It is designed to work without user interaction which makes it very useful for using a shell script.
This command will run a backup of your system and save it into the backup directory.
Opens the prompt to restore a specified database. Follow the prompts to restore the database. You will need to specify the location of the database you
7
Cisco Confidential
Command
Cisco Smart Software Manager On-Prem Console Guide
Description/Action
want to restore (see database_backup).
database_scheduled_backup
Enables scheduled backups of the database to ensure regular data protection and facilitate disaster recovery.
delete
Deletes the specified file or directory.
dir
Displays all files in the specified directory.
disable_default_user
Disables preconfigured default user account (admin) to enforce custom admin credentials.
disk_usage (du)
Checks the information on disk usage of files and directories on a server. The table shows:
· Filesystem: directory
· Size: Size of the directory
· Used: What space is used
· Avail: What space is available
Use%: Shows how much of the space is used as a percentage.
Mounted on: Shows the partition where the filesystem (dir) exists.
docker_network_config
Use this command to avoid conflicts when you are allocating a network to be designated for use for the SSM On-Prem internal communications.
NOTE: This command should be used BEFORE configuring a High Availability (HA) mode. (See Cisco Smart Software Manager On-Prem Installation Guide Appendix 7. Resolving Network Conflicts using the docker_network_config Command.
EOF
This command is used when no more data can be read
from a data source such as a file or stream.
exit (See quit)
This command exits you from the On-Prem Console.
ha_cluster_start
This command is used to start the HA Cluster service.
ha_cluster_stop
This command is used to stop the HA Cluster service.
ha_deploy
This command is for setting up HA availability on Active nodes. The command first checks that the standby has been provisioned before continuing forward, ha_provision_standby command.
8
Cisco Confidential
Command
ha_generatekeys ha_provision_standby
ha_status ha_teardown hostname
logs netstat
Cisco Smart Software Manager On-Prem Console Guide
Description/Action
The command takes the following arguments: Active IP, Private IP address of the Active node, Standby IP, Virtual IP, and the HA Cluster password (created in the standby provisioning step.)
*if anything goes wrong, run the ha_teardown command on both nodes to get them back into standalone mode. Then try again.
This command is used to generate user and ssh keys in the Primary node to secure a channel of communication between the two nodes for the HA Cluster.
This command prompts you through provisioning the Standby node which is a prerequisite step for deploying an HA cluster.
This command takes the following arguments: Active IP, Private IP address of the Active node, Standby IP, Private IP address of the Standby node, and HA Cluster password.
Enables you to view the status of an HA Cluster. Describes the resources running as well as streaming replication status.
This command removes a node from an HA which destroys the HA Cluster and establishes a standalone system. This command should be run on each node individually.
This command displays the name of the host (hostname) as well as information on the operating system, and kernel version, as well as presenting the virtualization tool (utility). NOTE: Before setting up an HA Cluster, each node must have a different Hostname (to distinguish one node from the other). Hostnames can be configured during initial installation or later through the On-Prem Console.
Opens the logs stored under a specified directory such as SYSLOG. (You will need the admin password) Use Ctrl+C to exit the logs. This is a “live” event, so the readout shows the log entries as they occur.
Displays network connections for TCP, routing tables, and several network interface and network protocol statistics (active Internet connections (w.0 servers).
9
Cisco Confidential
Command
network_manager
nslookup
openssl ciphers password_policy ping quit (See exit) reboot select_ha_mode shell_session_limit
tacacs_config
Cisco Smart Software Manager On-Prem Console Guide
Description/Action
Opens Network Manager, a software utility that simplifies the use of computer networks. This utility allows you to: · Edit a connection · Activate a connection · Set system hostname
Opens the Name Server lookup tool to perform DNS lookups in Linux. Using this command enables you to display DNS details, such as the Host Name or IP Address of a particular computer. This command can operate in two modes: interactive and non-interactive.
Convert textual OpenSSL cipher lists into ordered SSL cipher preference lists. It can be used as a test tool to determine the appropriate cipherlist.
Use this command to see the constraints for creating a password. See Using Password Policy.
Pings a machine to see if it’s “online.” Type ping then press the spacebar and type in the IP Address of the machine you want then press Enter.
This command is identical to the Exit command. Using this command quits the On-Prem Console.
Reboots the machine.
Switches to High Availability (HA) mode.
Use this command for setting session limits on a node. Also, for setting limits on each node of an HA cluster. The default limit is 10. The range is an integer between 1-999. NOTE: In an HA cluster, session limits for each node must be manually set using the shell_session_limit command.
This command opens the tacacs configuration menu that has five functions. · TACACS primary server config: Provides the
parameters for configuring the TACACS primary server. · TACACS secondary server config: Provides the
parameters for configuring the TACACS secondary server · Display TACACS config: Shows the configuration
10
Cisco Confidential
Command
tcpdump timedate top traceroute upgrade
version
Cisco Smart Software Manager On-Prem Console Guide
Description/Action
details of either the primary or secondary TACACS+ server.
· User management: Opens the User Management menu where you can add, display, and delete local TACACS users.
· quit: exits the TACACS configuration server.
Is a utility used to display TCPIP and other network packets being transmitted over a network. See Using TCPDUMP.
Displays the time and date of your machine as well as your NTP server if used.
This command displays the processor activity of the server as well as other services being used.
This command enables you to see several details about the path that a packet takes from the computer or device to whatever destination you specify.
Opens the upgrade prompt. Follow the prompts to install the upgrade. (For specific instructions, refer to the Cisco Smart Software Manager On-Prem Installation Guide “patch/upgrade” section. · Usage: upgrade <patches:filename>
Displays the current version and upgrade history for the SSM On-Prem installation.
NOTE: The Cisco SSM On-Prem version is only shown for the primary node, as both nodes must run the same version.
Using the TCPDUMP on On-Prem Console
This section describes the ability to pass arguments to TCPDUMP using the On-Prem Console tcpdump command. Listed here are the expected results of using the tcpdump command.
>>? tcpdump Capture network packets for analysis
Usage: tcpdump pcaps: [<filename>] [<argfs>] -i all | interface: -i: Listen on interface. If
unspecified, all will be used -w pcaps:fileneam : Write the raw packets to file rather
than parsing and printing them out. /var/files/pcaps/trace.pcap is the
11
Cisco Confidential
Cisco Smart Software Manager On-Prem Console Guide default file that will be written if -w is not supplied
-r pcaps:filename: Read the packet captre file <args> : All other arguments provided will be passed directly to tcpdump. See linux man-page on tcpdump for complete list
Using the Password_Policy Command on On-Prem Console
This section describes the constraints used in creating passwords using the On-Prem Console password_policy command.
Listed here are the expected results for the password_policy command.
>> ? password_policy
Set you Secure password policy rules
Usage: password_policy [options]
-minlen
Minimum length of a password (min 6, default 15)
-minclass
Minimum number of character classes in a password (max 4,
default 4)
-maxrepeat
Maximum number of same consecutive characters in a
password (default 2)
-maxclassrepeat Maximum number of consecutive characters in a password
(default 2)
-lower
Require at least one lowercase character in a password
(default yes)
-upper
Require at least one uppercase character in a password
(default yes)
-digit
Require at least one digit in a password (default yes)
-special
Require at least one other character in a password
(default yes)
Example of the Docker_Network_Config Command on On-Prem Console
This section provides an example of the On-Prem Console docker_network policy command.
>> docker_network_config Last login: Mond Feb 22 17:53:22 UTC 2021 on pts/0 The bridge network pool is used to allocate Ips to containers. Docker will allocate subnets from this IP pool.
Enter network address [172.16.2.0]: 172.17.2.0 -> Detected 256 IP addresses within IP range: 172.17.2.0 172.17.2.255
Using CIDR: 172.17.2.0/24
Docker will be configured to allocate Ips from the network pool provided. Misconfiguration on the docker network can result in services railing to start. Please be sure that you are entering the correct information.
Using CIDR: 172.17.2.0/24
Are you sure you want to write this configuration (y/N) y Stopping application services… Writing new configuration file… Restarting docker service…
12
Cisco Confidential
Restarting docker service…
Cisco Smart Software Manager On-Prem Console Guide
Writing new configuration file… Restarting docker service… Starting application services…
Changes applied. Waiting for services to start… Bridge interface has been assigned IP: 172.17.2.17
13 Cisco Confidential
Documents / Resources
 |
CISCO Smart Software Manager On-Prem Console [pdf] User Guide SSM_On-Prem_9, Smart Software Manager On-Prem Console, Software Manager On-Prem Console, Manager On-Prem Console, On-Prem Console |