cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
916
Views
0
Helpful
6
Replies

N5K reporting consistency issue using CSPC

trey.s.grunDD
Level 1
Level 1

All,

 

Please forgive me if there is significant information lacking.  I am attempting to support a customer who apparently has at least 4 N5K's running an identical HW configuration and software versions collected by CSPC and monitored by SNTC.  The issue reported by the customer is that SNTC has alerted that two of these N5K's are susceptible to the following:

 

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fx-os-fabric-execution

 

After confirming that all four N5K's are affected by the vulnerability, the customer is concerned about why SNTC is only alerting about two of them.  I will upload the corroborating output regarding the HW/SW consistency, however, I do not know how to determine if the reporting issue is a problem with the setup of CSPC or SNTC....  I attempted to open a TAC case, but it simply gets routed to the N5K team and they seem to know less about SNTC than I do.

 

Please assist.

6 Replies 6

adias
Cisco Employee
Cisco Employee

 

 

PLEASE SEND ME IN PRIVATE THE SNTC PORTAL COMPANY NAME AND THE SPECIFIC IP OF THE 2 BEING ALERTED AND THE 2 NOT, AS WELL AS THE TAC CASE NUMBER WITH THE N5k team

 

As for opening a TAC case for SNTC collector and/or portal the following would be required:

To get TAC support for SNTC Collect and Portal customer needs to have Smart Assist. This is included in bellow mentioned contracts:

  • TS Advantage Bronze/Silver/Gold and Platinum (TSAB, TSAS, TSAG, TSAP)

  • AMSP, AMSS, AMST, FTSS, SPADV, PNSAS

  • CSAS or NLS1

 

 

 

Chris Camplejohn
Cisco Employee
Cisco Employee

According to SNTC, the other 2 devices are running 7.3(5)N1(1) code which is not vulnerable to the Security Advisory in question.

Yes.

 

The customer updated those devices within the last week.

 

"Just an additional information, the NA2 devices we upgraded to the new software 7.3(5)N1(1)"

 

I'll check one more time if he's interested in pursuing the inconsistency problem, but just to confirm - Cisco sees the devices normally in the customer portal?

They looked fine to me. Not sure what inconsistency problem you believe exists.

adias
Cisco Employee
Cisco Employee

 

As Chris, mentioned above (Thank you Chris) here is what the SNTC portal is reporting at the last collected date, making the Portal as far as we know correct, do you see a different data?

 

last.JPG

adias
Cisco Employee
Cisco Employee

just a reminder that data on the Portal is not real time it will depend on the data that is uploaded from the collector. a best practice is one a week.  He may have seen  .  So ensure that is he wants to see the latest or depending on a maintenance windows that he either check when the collection and uploads occur so he can determined the time or do an on demand collection.  For as it shown at the moment there is no discrepancies

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: