Hello, I have installed custom certificates on manager, data node, flow connector and udp director. I am adding a flow sensor to the cluster and obviously it will not allow the manager to manage it because the sensor does not have the custom root CA ...
Welcome to the Security Analytics Board!
Please take a look at our Stealthwatch Information Hub and our Stealthwatch Use Cases.Forum Posts
Hello, While installing a custom certificate on the data store node, it prompted me to stop the data store before installing the certificate. I did so, installed the certificate and chain as node identity and in the trusted store. The Data store node...
How do you typically size a Stealthwatch solution? Based on the number of flows, right? But what would be the most effective way to estimate the number of flows? Cisco does provide the Flows Per Second Estimator tool but I am not entirely sure how to...
Hello everyone, Could enyone tell me, how Cisco ASA recognize installed AV protection? My client is testing new AV software on Mac devices. Everything works great, but on cisco devices, security admins recieve an error: ANYCONNECT-011 = Mac with No A...
does anyone have experience with this or can perhaps guide me on this question If i have a Distribution device with 100 Edge device hanging off the Distribution all L3 and i want to enable Netflow to export flows to the collector. Isn't the distribut...
I have deployed the ISO for an on premise sensor running 5.1.1 in VMware. I have set a proxy variable in /opt/obsrvbl-ona/config.local same as the older 4.3 sensor. The new install wont connect to the cloud portal and I can see in Splunk that it is ...
Question: What's the fastest way to determine which sensor reports an observation or alert in Stealthwatch?Challenge: I have multiple sites with Cisco FTD firewalls, managed by CDO. I also have several ONA sensors deployed throughout a global network...
Hi Team, Please check and confirm We are unable to register the base license for FTD we are getting mentioned error(Screenshot). FTD in HA and currently secondary device not working
Hi,I want to keep my UDP2010 at 7.1.1, not connected to the CM, and upgrade the rest of the environment to 7.2.1. I know it's frowned upon. Will the netflow data still be readable in a 7.2.1 flow collector?
Hi Team, Please need help to close mentioned the Vulnerabilities of C3750X-24T-S cisco switch. Vulnerabilities:-SSL Certificate Expiry Version 15.2(4)E10. Thanks & Regards, Sachin Sharma
Hi Team, Please need help to close mentioned the Vulnerabilities of C3750X-24T-S cisco switch. Vulnerabilities:-SSL RC4 Cipher Suites Supported (Bar Mitzvah) Version 15.2(4)E10. Thanks & Regards, Sachin Sharma
Hi Team, Please need help to close mentioned the Vulnerabilities of C3750X-24T-S cisco switch. Vulnerabilities:-TLS Version 1.0 Protocol Detection Version 15.2(4)E10. Thanks & Regards, Sachin Sharma
Hi Team, Please need help to close mentioned the Vulnerabilities of C3750X-24T-S cisco switch. Vulnerabilities:-TLS Version 1.1 Protocol Deprecated Version 15.2(4)E10. Thanks & Regards, Sachin Sharma
Hi Team, Please need help to close mentioned the Vulnerabilities of C3750X-24T-S cisco switch. Vulnerabilities:-SSL Medium Strength Cipher Suites Supported (SWEET32) Version 15.2(4)E10. Thanks & Regards, Sachin Sharma
Hi Team, Please need help to close mentioned the Vulnerabilities of C3750X-24T-S cisco switch. Vulnerabilities:-SSSL Certificate Signed Using Weak Hashing Algorithm Version 15.2(4)E10. Thanks & Regards, Sachin Sharma
