ManualsPro Cisco cisco Identify Network Security Advisories User Guide

cisco Identify Network Security Advisories User Guide

June 8, 2024
Cisco

Identify Network Security Advisories

cisco Identify Network Security Advisories
User Guide

Security Advisories Overview

The Cisco Product Security Incident Response Team (PSIRT) responds to Cisco product security incidents, regulates the Security Vulnerability Policy, and recommends Cisco Security Advisories and Alerts.
The Security Advisories tool uses these recommended advisories, scans the inventory within Cisco DNA Center, and finds the devices with known vulnerabilities.

Prerequisites

To use the Security Advisories tool, you must install the Machine Reasoning package. See Download and Install Packages and Updates in the Cisco DNA Center Administrator Guide.
If you log in to Cisco DNA Center as an Observer, you cannot view the Security Advisories tool in the home page.

View Security Advisories

Step 1
In the Cisco DNA Center GUI, click the Menu icon ( ) and choose Tools > Security Advisories.
Step 2
If you are launching the Security Advisories page for the first time, click Scan Network.
Cisco DNA Center uses the knowledge base to identify security issues and improve automated analysis. We recommend that you update the knowledge base on a regular basis to view the latest security advisories.
a) In the Cisco DNA Center GUI, click the Menu icon ( ) and choose System > Settings > Machine Reasoning Knowledge Base.
b) Click Import, or click Download to download the latest available knowledge base, and then click Import.
c) Click the AUTO UPDATE toggle button to subscribe to automatic updates.

Note

  • The security advisories dashboard shows security advisories published by Cisco that may affect devices on your network based on the software image currently installed. A further analysis of the configuration, platform details, or other criteria is required to determine if a vulnerability is actually present.
  • The Overview tab with its security advisories graphic displays the distribution percentage of impact on the network, such as Critical, High, Medium, Low, or Informational.
  • Security advisories scanning is only available for routers and switches that are running the minimum supported software version. For more information, see Cisco DNA Center Supported Devices.
  • The security advisories displayed are subject to the Cisco Security Vulnerability Policy.

The following table describes the information that is available.

Column Description
Advisory ID ID of the security advisories found in the tick\ ork. Click the

ID to go to the respective advisory web page.
Advisory title| Name of the security vulnerability advisory applicable to the network devices.
CVSS score| Score evaluated based on the Common Vulnerability Scoring System (CVSS) model.
Impact| Impact of the vulnerability on the network.
CVE| Common Vulnerabilities and Exposures (CVE) identifier for the vulnerability.
Devices| The number of devices impacted by the vulnerability. Click the number to view the devices that may be vulnerable based on this specific advisory, and upgrade the devices as needed.
Match Type| Indicates whether the vulnerability was detected based on Image Version match or Configuration match.
Known since (days)| The number of days since the vulnerability was discovered.
Last updated| The date when the advisory was last updated.

Step 3
Click the Devices tab to view the number of advisories applicable to each device.
a) Click the number of advisories to view all that match the device.
b) Click the topology icon in the top-right corner to view the device topology. You can click a device in the topology to view all advisories that match the device.
A lock icon next to the device indicates that there are one or more advisories applicable to the device.
Step 4
Click Scan Network at any time to refresh the results displayed.

Schedule a Security Advisories Scan

Step 1
In the Cisco DNA Center GUI, click the Menu icon ( ) and choose Tools > Security Advisories.
Step 2
Click Scan Network.
The Scan Network window appears.
Step 3
To scan the security advisories immediately, click the Now radio button and click Start.
Step 4
To schedule the scan for a later date and time, click the Later radio button and specify the date and time.
Step 5
Use the Time Zone drop-down list to schedule the scan according to a specific time zone.
Step 6
Choose the recurrence option: None (the default), Daily, or Weekly.
Step 7
In the Run at Interval field, enter the number of days or weeks for the recurrence of the scan.
Step 8
(Optional) Check the Set Schedule End check box to schedule an end date and number of occurrences.
a) To schedule a scan end date, click the End Date radio button and define the date and time.
b) To define the number of scan occurrences, click the End After radio button.
Step 9
Click Schedule.
Step 10
In the Cisco DNA Center GUI, click the Menu icon ( ) and choose Activity > Tasks and confirm the schedule and recurrence of the scan.

Note
In Cisco DNA Center releases earlier than 2.1.1.x, you have the ability to opt in or out of telemetry that Cisco collects. When you opt in, we collect your cisco.com ID, system telemetry, feature usage telemetry, network device inventory, and license entitlement. Telemetry is not application or feature specific; the disclosure of telemetry is for all of Cisco DNA Center. In Cisco DNA Center 2.1.1.x and later, telemetry collection is mandatory. The telemetry is designed to help the development of features that you use. See the Cisco DNA  Center Data Sheet for a more expansive list of data that we collect.

When a security advisory scan runs, the following telemetry data is collected:

  • Whether automatic update of knowledge packages has been set up.
  • Whether recurring scanning and recurring reports have been set up.
  • The number of reports that have been run.
  • The number of devices with a security advisory match based on software version and configuration.
  • The number of thumbs up/thumbs down votes, per scan.
  • The manual configurations entered as a search, and the associated advisory.
  • The number of advisory matches by software version and configuration, including product family.
  • The number of devices based on other categories (zero advisories, unknown, and unsupported).
  • The number of successful, failed, and terminated scans.
  • The average scan time.

Hide and Unhide Devices from an Advisory

Step 1
In the Cisco DNA Center GUI, click the Menu icon ( ) and choose Tools > Security Advisories.
Step 2
If you are launching the Security Advisories page for the first time, click Scan Network.
Step 3
In the Scan Network window, choose Now, and then click Start.
Step 4
To hide the devices from an advisory, do the following:
a) From the Focus drop-down list, choose Advisories.
b) In the Devices column, click the devices count that corresponds to the advisory for which you want to hide the devices.
The Active tab shows the number of devices for which these advisories are issued.
c) Choose the devices that you want to hide and click Suppress Device.
The hidden devices can be viewed in the Suppressed tab.
d) Close the advisory window and view the change in the device count for this advisory.

Step 5
To restore the devices to an advisory, do the following:
a) From the Focus drop-down list, choose Advisories.
b) In the Devices column, click the devices count that corresponds to the advisory for which you want to unhide the devices.
c) Click the Suppressed tab to view the hidden devices.
d) Choose the devices that you want to unhide and click Mark as Active.
The restored devices can be viewed in the Active tab.
e) Close the advisory window and view the change in the device count for this advisory.

Hide and Unhide Advisories from a Device

Step 1
In the Cisco DNA Center GUI, click the Menu icon ( ) and choose Tools > Security Advisories.
Step 2
If you are launching the Security Advisories page for the first time, click Scan Network.
Step 3
In the Scan Network window, choose Now, and then click Start.
Step 4
To hide the advisories for a device, do the following:
a) From the Focus drop-down list, choose Devices.
b) In the Advisories column, click the advisories count that corresponds to device for which you want to hide the
advisories.
The Active tab shows the number of advisories issued for this device.
c) Choose the advisories that you want to hide and click Suppress Advisory.
The hidden advisories can be viewed in the Suppressed tab.
d) Close the device window and view the change in the advisory count for this device.
Step 5
To restore the advisories for a device, do the following:
a) From the Focus drop-down list, choose Devices.
b) In the Advisories column, click the advisories count that corresponds to the device for which you want to unhide the advisories.
c) Click the Suppressed tab to view the hidden advisories.
d) Choose the advisories that you want to unhide and click Mark as Active.
The restored advisories can be viewed in the Active tab.
e) Close the device window and view the change in the advisories count for this device.

Add Notification for a New Security Advisory KB

A security advisory Knowledge Bundle (KB) uses a Machine Reasoning Engine (MRE) to scan the network.
You can configure Cisco DNA Center to notify you when a new security advisory Knowledge Bundle (KB) is available. After you enable notifications, Cisco DNA Center displays a visual notification and actionable alert whenever a new security advisory Knowledge Bundle (KB) is available.
The following procedure explains how to add notifications for a new security advisory knowledge bundles:

Before you begin

  • You must install the Cisco DNA Center core package. See Download and Install Packages and Updates in the Cisco DNA Center Administrator Guide.
  • You must install the Machine Reasoning (MRE) package. See Download and Install Packages and Updates in the Cisco DNA Center Administrator Guide.
  • The following containers must be present in your system:
  • cnsr-reasoner
  • cloud connectivity/download

Step 1
In the Cisco DNA Center GUI, click the notification icon located at the top- right corner. From the drop-down menu, select the gear icon to view the notification preferences.
Step 2
In the My Profile and Settings window, enable the security advisory notification by choosing the Security Advisories option.
Step 3
Click Save.
Step 4
In the Machine Reasoning Engine window, click the Download Latest link to download the latest knowledge bundle.
Step 5
Review and update the Knowledge Base settings.
Step 6
In the Security Advisory Settings section, choose the recurrence option: None (default), Daily, or Weekly.
Step 7
In the Cisco DNA Center GUI, choose Notification Center > Go to Security Advisories to view the Security Advisories tool page directly.
Step 8
Rescan the network with the newly downloaded security advisories. For more information, see Schedule a Security Advisories Scan, on page 3.

View Security Advisories in Inventory Page

The Cisco DNA Center security focus view allows you to view the list of security advisories for your devices, based on the data retrieved from the previous security scan. The device data that you retrieve from the Security Advisories tool is now displayed in the inventory page.
Use the following procedure to view the security advisories column in the inventory page:

Before you begin

Step 1
In the Cisco DNA Center GUI, click the Menu icon ( ) and choose Tools > Security Advisories.
Step 2
Click Scan Network.
The Scan Network window appears.
Step 3
To scan the security advisories immediately, click the Now radio button and click Start. For more details, refer Schedule a Security Advisories Scan.
Step 4
In the Cisco DNA Center GUI, click the Menu icon ( ) and choose Provision > Devices > Inventory.
Step 5
From the FOCUS: Inventory drop-down menu, select Security.
The Advisories column is displayed in the Inventorytable.
Step 6
In the Device Details page, select a device and view the advisories data.
Step 7
Click Manage All to navigate to Security Advisories tool.

Add a Match Pattern

Step 1
In the Cisco DNA Center GUI, click the Menu icon ( ) and choose Tools > Security Advisories.
Step 2
If you are launching the Security Advisories page for the first time, click Scan Network.
Step 3
In the Scan Network window, choose Now, and then click Start.
Step 4
Choose an advisory and in the Match Type column, click Add match pattern.
Step 5
In the Add Configuration Match Pattern window, enter the condition to match with devices in the CONDITIONS text box.
Step 6
Click Save.
The match pattern is added to the advisory.
Step 7
Click Scan Network to check the number of devices that match with the match pattern.

Define AND/OR for the Match Pattern

Step 1
In the Cisco DNA Center GUI, click the Menu icon ( ) and choose Tools > Security Advisories.
Step 2
If you are launching the Security Advisories page for the first time, click Scan Network.
Step 3
In the Scan Network window, choose Now, and then click Start.
Step 4
Choose an advisory and in the Match Type column, click Add match pattern.
Step 5
In the Add Configuration Match Pattern window, do the following:
a) In the CONDITIONS text box, enter a condition and then click the Add icon.
b) From the drop-down list, choose AND or OR and then enter the next condition.
c) If you want to delete a condition, click the Remove icon.
d) Click Save.
The match pattern is added to the advisory.
Step 6
Click Scan Network to check the number of devices that match the match pattern.

Edit the Match Pattern

Step 1
In the Cisco DNA Center GUI, click the Menu icon ( ) and choose Tools > Security Advisories.
Step 2
If you are launching the Security Advisories page for the first time, click Scan Network.
Step 3
In the Scan Network window, choose Now, and then click Start.
Step 4
Choose an advisory that already has a match pattern and in the Match Type column, click Edit match pattern.
Step 5
In the Edit Configuration Match Pattern window, enter the condition to match with devices in the CONDITIONS text box.
Step 6
Click Save.
The match pattern is changed.
Step 7
Click Scan Network to check the number of devices that match the match pattern.

Delete the Match Pattern

Step 1
In the Cisco DNA Center GUI, click the Menu icon ( ) and choose Tools > Security Advisories.
Step 2
If you are launching the Security Advisories page for the first time, click Scan Network.
Step 3
In the Scan Network window, choose Now, and then click Start.
Step 4
Choose an advisory that already has a match pattern and in the Match Type column, click Edit match pattern.
Step 5
In the Edit Configuration Match Pattern window, click Delete.
The match pattern is deleted.

Identify Network Security Advisories

Read User Manual Online (PDF format)

Read User Manual Online (PDF format)  >>

Download This Manual (PDF format)

Download this manual  >>

Cisco User Manuals

cisco Configuring Console Access Instructions
Cisco
cisco HyperFlex HX-Series Data Platform for HCI Instructions
Cisco
CISCO Meraki Cloud Monitoring for Catalyst User Guide
Cisco
CISCO Cloud-Delivered Catalyst SD-WAN Platform User Guide
Cisco
CISCO 60079011 Wi Fi 6 E Access Point User Manual
Cisco
CISCO IP Phone o Through the Normal Startup Process User Guide
Cisco
CISCO Install Enterprise NFVIS Using USB User Guide
Cisco
CISCO NCS 1014 Network Convergence System 1014 Instruction Manual
Cisco
CISCO Set Up Webex User Guide
Cisco
CISCO Webex App User Guide
Cisco
CISCO DNA Center Configure Telemetry User Guide
Cisco
802.11 Parameters for Cisco Access Points User Guide
Cisco
CISCO Nexus 3000 Series NX-OS Verified Scalability Guide Release 9.3 Instruction Manual Product Information
Cisco
CISCO P-LTE-450 Cellular Pluggable Interface Module Configuration User Guide
Cisco
CISCO Nexus 3600 Series NX-OS Verified Scalability Guide Release 9.3 User Guide
Cisco
CISCO Nexus 3000 SeriesNX-OS Verified Scalability Guide Release 9.3 User Guide
Cisco
CISCO Nexus 3000 Series NX-OS Verified Scalability Guide User Guide
Cisco
CISCO Nexus 9804 NX-OS Mode Switch Hardware Installation Guide
Cisco
CISCO Nexus 3548 Series NX-OS Verified Scalability Instructions
Cisco
CISCO 9.0SU Emergency Responder User Guide
Cisco

Related Manuals

Tempo 30 Rose Gold Wireless Earbuds for Small Ears Women, Cute Pink Bluetooth-Complete Features/Instruction Guide
BACK BAY
PROMATIC Falcon Clay Target Launcher Rear Pusher Timing Method User Manual
PROMATIC
PHILIPS GCA1000/60 Sneaker Cleaner Instructions
Philips
APsystems 4305109902 Microinverter Night Consumption Instructions
APsystems
CHORD ACT12 Auto Clip Tuner User Manual
chord
iHealth PO2 Pulse Oximeter Instruction Manual
iHealth
ROUGH COUNTRY GM 2007-16 1.75 Inch Rear Lift Kit Instruction Manual
Rough Country
ViewSonic VA2215-H 22-Inch 75Hz FHD Adaptive Sync Monitor User Guide
Viewsonic
iLive ISB103 Mini Lit Bluetooth Party Speaker User Manual
iLive
INTERLIGHT IL-D29DALI2 One4all Driver Installation Guide
INTERLIGHT
AVERTX HD300 High Definition Network Dome Camera User Manual
AVERTX
logitech Stylus Pen for Education Instructions
Logitech
MASSIMO ELECTRIC 200w Foldadble Solar Panel Charger User Manual
MASSIMO ELECTRIC
HEINNER HFP-750BG Food Processor User Manual
HEINNER
RADIX MACH-767 Wireless Footswitch User Manual
RADIX
AffiVET AFG-VR-72 AIV Antigen Rapid Test Kit User Guide
AffiVET
LYNGDORF CD-2 Red Book CD Player User Manual
LYNGDORF
COSTWAY SP37614 Folding Treadmill User Manual
COSTWAY
ATOLL ELECTRONIQUE AM100 Sig AMPLIFIER Owner’s Manual
ATOLL ELECTRONIQUE
ROCKVILLE Marine Led Speaker User Manual
RockVille
mPTech EZ-030146 Kids Smart Watch User Manual
mptech
Saachi SA-1440 Electric Coffee Grinder User Manual
Saachi
Keyboards GEPC361AB Wireless Mechanical Keyboard User Manual
Keyboards
Sleavon D023H 30 Pints Home Dehumidifier for Bedroom User Manual
Sleavon
HBC BX54 Gigabit Dual Band Wireless Router User Manual
HBC
Shen Zhen Seven Like SA03 Relaxing Sound Machine Instruction Manual
Shen Zhen Seven Like
Weber 6750 Meat Thermometer User Manual
Weber
KLARSTEIN 10046095 Aero Ring 9K Mobile Air Conditioner Instruction Manual
Klarstein
Wcfish001 Rechargeable Walkie-talkie User Manual
Wcfish
STAGE RIGHT P/Ns 600059 200-Channel UHF Dual Wireless Microphone User Manual
Stage Right
Contact Us   Privacy Policy   4.772ms