Tool is too risky to use. Breaches many security and privacy concerns.

RicheeJJJ_2
Level 1

I downloaded the Cisco CLI Analyzer, added my CCO login, added my firewall's IP, username, and password, and upon running the analyzer on the firewall, when the show commands complete you see this message:

* Uploading ASA show conn data to Cisco

I ran Wireshark at the same time to verify, and in fact this tool is sending tons of data to api.cisco.com. My conclusion is either the executable is unable to do the analysis of the config and sends the config to api.cisco.com for analysis, or Cisco just wants to collect your configs for their own sake. This is really bad security, and it says nowhere in the license agreement that my data is being sent to Cisco.

I imagine the data that is sent to Cisco may be:

* The device IP, username, and password (since I had to enter it into the tool!)

* The device's make, model, version, hostname, and IP

* The device's open ports it's listening on or permitting through

* The current security posture of the device.

If Cisco is collecting any or all of this then I highly recommend never using this tool as it may compromise your compliance and audits.

2 Replies

Jonathan Unger
Level 7

Hi There,

I would suggest hovering over the various options presented by the CLI analyzer for your device.

For example the "Systems Diagnostics" tool:

It says right in the tooltip that it is going to upload your "show tech" output to Cisco for analysis.

If your configurations are too sensitive to send up to the cloud, then I wouldn't recommend using the cloud analysis functions (such as systems diagnostics).

System Diagnostics per above: As stated, the use of "show tech" and the fact that it is uploaded to Cisco are documented in 3 areas.

1. Hover over in the tool as shown above.

2. In the help documentation https://cway.cisco.com/docs/cisco-cli-analyzer/3.1/Tool_Descriptions.htm

3. In the CLI as the System Diagnostics is run: "Command In Progress show tech". Then at the very bottom of the CLI session "Uploading data to Cisco" is displayed. Before you use any of the tools that analyze output, you have to provide a valid CCO login and have an active support contract. Otherwise, access to the tool(s) will be restricted.

*** Upon completing analysis of the "show tech" the file is immediately deleted by Cisco. ***

If customers have security concerns or requirements prohibiting this, File Analysis can be used to perform an analysis of a sanitized show tech, or you may use specific commands if you choose to narrow the focus. Please review supported commands in File Analysis.

We provide these tools and capabilities to help our customers in support of their Cisco network. We also realize one size does not fit all. Hence the two different options outlined above.

Regards,

John
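The reply above points to File Analysis on a sanitized show tech as the option for shops that cannot send raw device output off-site. The following is an added example (not part of this thread or of the Cisco CLI Analyzer) of a small sanitizer for ASA/IOS-style output: it redacts the secret-bearing lines it knows about and swaps each IPv4 address for a stable placeholder so the topology stays analyzable. The pattern list, the placeholder scheme and the sample config are assumptions constructed for the example.

```python
import re

# Line patterns in ASA/IOS "show tech" / "show running-config" output that commonly
# carry secrets. This list is an assumption for the example, not an official one.
SECRET_PATTERNS = [
    re.compile(r"^(\s*enable password )(\S+)"),
    re.compile(r"^(\s*username \S+ password )(\S+)"),
    re.compile(r"(\bcommunity )(\S+)"),        # snmp-server community / host ... community
    re.compile(r"(\bpre-shared-key )(\S+)"),   # ikev1/ikev2 tunnel-group keys
    re.compile(r"^(\s+key )(\S+)$"),           # aaa-server host ... key <secret>
]
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def sanitize(text, redact_ips=True):
    """Return (sanitized_text, stats). Secrets become <REDACTED>; each distinct IPv4
    address becomes a stable placeholder so the same host keeps the same name.
    Netmasks (255.x.x.x) and 0.0.0.0 are left alone because they carry no identity."""
    ip_map = {}
    secrets = 0

    def ip_repl(m):
        ip = m.group(0)
        if ip.startswith("255.") or ip == "0.0.0.0":
            return ip
        return ip_map.setdefault(ip, "IP_%d" % (len(ip_map) + 1))

    out = []
    for line in text.splitlines():
        for pat in SECRET_PATTERNS:
            line, n = pat.subn(lambda m: m.group(1) + "<REDACTED>", line)
            secrets += n
        if redact_ips:
            line = IPV4.sub(ip_repl, line)
        out.append(line)
    return "\n".join(out), {"secrets": secrets, "ips": len(ip_map), "ip_map": ip_map}


# Constructed sample config, not captured from a real device.
SAMPLE = """\
hostname fw-edge
enable password 8Ry2YjIyt7RRXU24 encrypted
username admin password JxLr/mq.eXRvSbz1 privilege 15
interface GigabitEthernet0/0
 nameif outside
 ip address 198.51.100.2 255.255.255.0
snmp-server host inside 192.0.2.10 community s3cr3t
snmp-server community s3cr3t
aaa-server RADIUS (inside) host 192.0.2.10
 key RadiusSharedKey
tunnel-group 203.0.113.5 type ipsec-l2l
tunnel-group 203.0.113.5 ipsec-attributes
 ikev1 pre-shared-key VpnP5k
"""

if __name__ == "__main__":
    cleaned, stats = sanitize(SAMPLE)
    print(cleaned)
    print("redacted secrets:", stats["secrets"], "placeholder IPs:", stats["ips"])
```

Review the output before uploading anyway: the pattern list only covers the secret forms it names, and anything it misses (certificates, keys in unusual commands) goes out unchanged.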