09-29-2016 10:56 AM
I downloaded the Cisco CLI Analyzer, added my CCO login, added my firewall's IP, username, and password, and upon running the analyzer on the firewall, when the show commands complete you see this message:
I ran Wireshark at the same time to verify and in fact this tool is sending tons of data to api.cisco.com. My conclusion is either the executable is unable to do the analysis of the config and sends the config to api.cisco.com for analysis or Cisco just wants to collect your configs for their own sake. This is really bad security and it says nowhere in the license agreement that my data is being sent to Cisco.
I imagine the data that is sent to Cisco may be:
* The device IP, username, and password (since I had to enter it into the tool!)
* The device's make and model, version, hostname, and IP
* The device's open ports it's listening on or permitting through
* The current security posture of the device.
If Cisco is collecting any or all of this then I highly recommend never using this tool as it may compromise your compliance and audits.
10-03-2016 10:16 PM
Hi There,
I would suggest hovering over the various options presented by the CLI analyzer for your device.
For example the "Systems Diagnostics" tool:
It says right in the tooltip that it is going to upload your "show tech" output to Cisco for analysis.
If your configurations are too sensitive to send up to the cloud, then I wouldn't recommend using the cloud analysis functions (such as systems diagnostics).
10-04-2016 08:13 AM
System Diagnostics per above: As stated the use of "show tech" and that it is uploaded to Cisco is documented in 3 areas.
1. Hover over in the tool as shown above.
2. In the help documentation https://cway.cisco.com/docs/cisco-cli-analyzer/3.1/Tool_Descriptions.htm
3. In the CLI as the System Diagnostics is run. "Command In Progress show tech". Then at the very bottom of the CLI session "Uploading data to Cisco" is displayed. Before you use any of the tools that analyze output, you have to provide a valid CCO login and have an active support contract. Otherwise, access to the tool(s) will be restricted.
*** Upon completing analysis of the "show tech" the file is immediately deleted by Cisco. ***
If customers have security concerns or requirements prohibiting this, File Analysis can be used to perform an analysis of a sanitized show tech or you may use specific commands if you choose to narrow the focus. Please review supported commands in File Analysis.
We provide these tools and capabilities to help our customers in support of their Cisco network. We also realize one size does not fit all. Hence the two different options outlined above.
Regards,
John
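
One way to sanitize a show tech capture locally before handing it to File Analysis, as the reply above suggests. This is an added example, not part of the thread and not Cisco's tooling; the keyword list, the placeholder format and the sample config are assumptions constructed for illustration.

```python
import re

# Keywords whose argument is a credential in Cisco-style configs (illustrative
# list, an assumption of this example; extend it for your platform).
SECRET_RE = re.compile(
    r"\b(enable password|passwd|password|secret|community|pre-shared-key)\s+(\S.*)$",
    re.IGNORECASE | re.MULTILINE)
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
HOSTNAME_RE = re.compile(r"^(hostname)\s+\S+", re.MULTILINE)

def sanitize(text):
    """Return (sanitized_text, ip_map, removed_values)."""
    ip_map, removed = {}, []

    def drop_secret(m):
        removed.append(m.group(2).split()[0])  # remember value for the leak check
        return m.group(1) + " <REDACTED>"      # drop the rest of the line

    def swap_ip(m):
        ip = m.group(0)
        if ip.startswith("255.") or ip == "0.0.0.0":
            return ip  # keep masks so routes and ACLs stay analyzable
        # The same address always gets the same token, preserving topology.
        return ip_map.setdefault(ip, "IP_%03d" % (len(ip_map) + 1))

    out = SECRET_RE.sub(drop_secret, text)
    out = HOSTNAME_RE.sub(r"\1 <REDACTED>", out)
    out = IPV4_RE.sub(swap_ip, out)
    return out, ip_map, removed

def leaks(sanitized, ip_map, removed):
    """List any original secret or address still present after sanitizing."""
    return [v for v in removed + list(ip_map) if v in sanitized]

# Constructed sample, not output from a real device.
SAMPLE = """\
hostname edge-fw01
enable password 8Ry2YjIyt7RRXU24 encrypted
username admin password fX9kQz1LmN0pAbCd encrypted privilege 15
interface GigabitEthernet0/0
 ip address 203.0.113.10 255.255.255.0
route outside 0.0.0.0 0.0.0.0 203.0.113.1
snmp-server host inside 10.20.30.40 community s3cr3tRO version 2c
access-list OUT permit tcp any host 203.0.113.10 eq 443
"""

if __name__ == "__main__":
    clean, ip_map, removed = sanitize(SAMPLE)
    print(clean, "leaks:", leaks(clean, ip_map, removed))
```

Version strings with four dotted fields also match the IPv4 pattern, so review the output by hand before uploading it.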