cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2252
Views
7
Helpful
3
Replies
Highlighted
Beginner

Resources to perform health checks on Cisco Security products

Hi,

I'm looking for resources and enablement material to performing Cisco health checks; especially on Cisco Security equipment. Now I've found various resources scattered on different places, and I'm wondering where would be the best place to go and find out more on this subject.

The following are a few examples of resources that I've found up until now:

  1. Cisco FireSIGHT Health Monitoring - http://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHT-System-UserGuide-v5401/Health-Monitoring.html
  2. Cisco Active Advisor - http://www.cisco.com/c/dam/en/us/products/se/trainingCY2016/Cisco_Active_Advisor_May_19.pdf
  3. ESA System Health Parameters and System HealthCheck - http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118881-technote-esa-00.html
  4. Data Center  HealthCheck Assessment Services - http://www.cisco.com/c/dam/en_us/solutions/industries/docs/gov/44644_QuickHealthCheck_WP-1c.pdf
  5. Network Assessment HealthCheck services - http://www.cisco.com/c/dam/en_us/about/doing_business/legal/service_descriptions/docs/ASF_Cisco_Assessment_Service_for_Network_Health_Check_1.pdf

I'll appreciate it if anyone can point me in the right direction.

Thank you,

Juan

Everyone's tags (3)
3 REPLIES 3
Highlighted
Cisco Employee

Re: Resources to perform health checks on Cisco Security products

Hi Juan -

I found this resource: Tools & Resources - Cisco.  Do any of these tools help you with your need? 

Let me know and I can create a handy document within the community so you can readily find it in the future.

Thanks,

Heather

* As a CCP member, make sure you are subscribed to all boards (discussions, documents, blogs, videos, and events so you always get the latest information from the program.
Highlighted
Cisco Employee

Re: Resources to perform health checks on Cisco Security products

Juan and Community,

You have options when it comes to checking the health of your Cisco Stealthwatch install.  One option is to engage the Advanced Services team (formerly known as Lancope Professional Services) to for a health check and tuning engagement.  See: https://www.lancope.com/sites/default/files/Lancope-Professional-Services-Health-Check-and-Tuning%20-%20FINAL.pdf

There is a lot that you can do on your own to check the health of your Stealthwatch installation.

Just by using your Stealthwatch Management Console (SMC) to check your connected devices you are checking the communications channel between the SMC and the flow collectors (and flow sensors if installed).  You can also check whether the communications channel to your local ISE server is operational (ISE server will be online) at the SMC.

Running the Java client from the SMC (in addition to using the web client) is important because it validates that you have the needed version of Java installed.  Too often Stealthwatch admins who don't usually use the Java client will find that they need to apply a Java update before they can run the client.  Also clean up old version of Java while you are here.

Verify flow collection.  Look at the directory structure in the SMC Java client and make sure that each of your flow collectors listed are online and functioning.  If they are functioning the flow count should be increasing.  Sometimes you'll find that one or more devices that should be exporting flow have gone off line.

Using the Admin interface check to make sure that all your SMC, flow collectors and flow exporters licenses are up to date; that all are using the same NTP clock and DNS settings; and all your certificates.

Katherine McNamara wrote a great post on her blog about Stealthwatch Appliance Administration (applies to both the physical and virtual appliances).  It's a great reference.

I hope this helps. 

Brian

Highlighted
Contributor

Re: Resources to perform health checks on Cisco Security products

Hi Juan,

Just to add some information in your list. If you are also looking for ESA / WSA health check, you can also contact to Cisco SAC team. You can contact them at sac-support@cisco.com