Académique Documents
Professionnel Documents
Culture Documents
1 V1
30 MINUTES PART 3
SCENARIO 4. CONFIGURATION
Ratnesh
Cisco Prime Infrastructure provides multiple options to manage, maintain, deploy and
audit configurations for the entire network.
1. From the Configuration > Network > Network Devices page, you can view all devices
and device configuration information. You can add, edit, delete, sync, and export
devices, add and delete devices from groups and sites, and perform a bulk import.
2. Select one of the devices from the list and click Edit.
3. Close the window after exploring the options.
SCENARIO 4. CONFIGURATION
The Compliance Services feature allows you to run Cisco PSIRT security and EOX obsolete-
device compliance reports. You can also establish baseline device configuration
standards, and then audit field configurations against these standards to identify devices
that are non-compliant and how their configuration differs from the standards.
Compliance Services are available only on the Professional virtual appliance and on the
Cisco Unified Computing System (UCS) Gen 2 physical appliance.
1. Go to Configuration > Compliance > Profiles.
2. Select the dCloudTest profile.
3. Select the third Policy in the list. You can see from the information for the rules defined
for this policy that it will check that a device configured with a DNS server.
4. Policies are defined by the user and then added to Profiles. Select Configuration >
Compliance > Policies to see the policies that have been created on this system.
5. Click the information icon next to a policy to see options for exporting or viewing the
policy in XML format.
6. To use the dCloudTest profile to audit network devices in this demonstration, select
Configuration > Compliance > Profiles.
DEVICE COMPLIANCE
7. Select the dCloudTest policy and then click the Run Compliance Audit icon.
8. Select the Location > All Locations > Asia Pacific box.
9. Select the Use current device configuration radio box and then click Next.
10. Give the job a name and click Finish.
11. To check the progress of the compliance job, go to Configuration > Compliance > Jobs.
10. Give the job a name and click Finish.
11. To check the progress of the compliance job, go to Configuration > Compliance > Jobs.
12. Your job should show as Running for some time. Once the job is complete, it will show a
Last Run Result as Failure. This is because the devices are out of compliance with the policies
assigned to the dCloudTest profile.
13. Once the job has completed, click the Failure link to open the Compliance Audit
Violations Details window.
14. Click X to close the window. 15. Click the Violation Summary tab to see which devices
and policies caused the compliance job to fail. The Violation Message will indicate which
policy the device was not in compliance with.
You can run a report to determine if any devices in your network have security
vulnerabilities as defined by the Cisco Product Security Incident Response Team (PSIRT).
You can also view documentation about the specific vulnerability that describes the
impact of vulnerability and any potential steps needed to protect your environment.
1. Go to Reports > PSIRT and EoX.
2. Click the Device PSIRT tab to view PSIRT information.
3. In the PSIRT Title column, click the hyperlink to view the full description of the security
vulnerability.
4. This will open a separate window where you can read details of the vulnerability and
next steps. You can download the PSIRT report in PDF and CSV formats.
Viewing End-of-Life Reports
You can run a report to determine if any Cisco device hardware or software in your
network have reached its end of life (EOX). This can help you determine product
upgrade and substitution options. 1. Click each of the following EOX tabs to view the
report information specific to that tab: Device Hardware EOX