
Upload inventory archive via an intermediary system

graham.kirtley
Level 1

Hi folks,

I have a new collector that will be deployed isolated from the internet; any file upload will need to support being transferred to an intermediary system. Note that the currently available mechanism of using an https proxy is not deemed sufficiently secure, and an 'air gap' between the collector and any external network is required.

So... is it feasible to change the destination address (on the collector) from 'nettools-upload.cisco.com' to an intermediate system?

Also can we use the credentials that are supplied within the entitlement that is obtained via the SNTC portal?

Thanks,

Graham

6 Replies

Lynden Price
Cisco Employee

Hi Graham,

I believe the only proxy mechanism that will work is the one built into the collector software, which is configured through the CSPC admin shell. Would that work for you or is that what you are referring to when you say "https proxy"?

Thanks,

Lynden

Hi Lynden,

Working through a proxy (as I do for 8 existing collectors) isn't going to be acceptable to our security team. Therefore I will need to be able to upload the archive to an intermediary system (file server), then it will upload to Cisco.

In order to support this the following aspects will need to be fully understood and implemented if possible:

  1. change the destination address on the collector for the upload; change to that of the 'file server'
  2. create a set of credentials between the CSPC & the 'file server' - this should be OK, standard mechanisms available within Linux
  3. use the Cisco supplied credentials for that CSPC instance at the 'file server', so the upload to Cisco can be established

The first and third points are the ones where we need confirmation that it is feasible.

Rgds,

Graham

Graham;

I have a collector completely shut off from the internet.  I have to run a collection then log in to the collector and transfer the file to another server that will scan the file and deliver it to a system that does have internet access.  From there, I log into my SmartNet portal and do a File Import.

It is possible.  If you need better directions, I could go into better detail.

Rich

Hi guys,

Yep, I'm aware of the manual option and I use it for the initial uploads; but we will soon have 10s of collectors covering dynamic networks (many device changes each week) and the aim is to automate activities, not create more work ;-)

Now I can easily automate the transfer of the archive to the intermediate system via scp. So it is just the upload to the Cisco back end that needs to be set up, and the only part of this that I'm unsure of is what credentials to use when making that transfer?

Rgds,

Graham

Hi Graham,

I don't actually know how you would set up what you're asking for, but the connection between your side and the Cisco back end is authenticated with the SSL certificate (entitlement) that is generated when you are setting up the collector. If you extract that, you might be able to make some use of it.

Thanks,

Lynden

I've attached a document describing what Rich is talking about below. It is a very manual process, but it should work.

Thanks,

Lynden
