installed on a server inside the customer network. Q. How is ... Network Collector may reside on Cisco and partner lapto
Q&A
Inventory and Reporting Security Q&A G ene ral Q. What is Inven to ry Rep orting , Collection , and Ana lysis? A. Inventory Reporting, Collection, and Analysis is a tool that discovers, collects, and analyzes ®
Cisco network devices and provides various detailed reports on the devices deployed in customer networks. To help ensure customers stay informed about important alerts announced by Cisco, Inventory Reporting, Collection, and Analysis also includes a Product Alerts/Advisory report displaying Cisco alerts that affect devices in customer networks. Inventory Reporting, Collection, and Analysis also allows customers to customize reports displaying only the inventory data that is of most interest and importance and omit the information that is not relevant.
Q. What is the Invento ry Collection , Repo rting , and Analysis deploy men t model?
A. Inventory Reporting, Collection, and Analysis is a system composed of Cisco Network Collector; Transport Gateway; Inventory Reporting, Collection, and Analysis; and the Inventory Reporting, Collection, and Analysis portal. The Cisco Network Collector collects network device inventory and network device configuration data based on product and collection rules from the customer network and uploads the data securely to the Cisco back end (that is, Inventory and Reporting) for analysis and reporting. Cisco Network Collector relies on Transport Gateway, which securely transports customer network data collected by Cisco Network Collector to Inventory and Reporting, which resides in the Cisco back-end system (that is, behind the Cisco firewall). The Inventory Reporting, Collection, and Analysis web portal enables the Inventory Reporting, Collection, and Analysis user to register other users for access to Inventory Reporting, Collection, and Analysis and to securely view reports of a user’s network devices and configuration. The Inventory Reporting, Collection, and Analysis web portal is the only mechanism from which a user can generate and view various reports and export the reports to PDF or CSV format.
Q. What security po licy does Inven tory Repo rting , Collec ti on, and Ana lys is address?
A. Inventory Reporting, Collection, and Analysis security covers data use and data security measures for customer network data collected by Cisco Network Collector and processed by Inventory Reporting, Collection, and Analysis.
Q. What is conside red custo mer ne two rk da ta? A. Customer network data includes network inventory, configuration, syslog, audit, and diagnostic data collected and analyzed by Cisco Service Technology Solutions (STS) tools. Also included within scope is the customer seedfile data identifying customer network hostnames, IP addresses, and device accounts and passwords, which is gathered prior to the collection process.
© 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 7
Q&A
Q. What is Secu ri ty Ale rt Manage r? A. Security Alert Manager is a web-based threat and vulnerability intelligence service that provides early warning, analysis, decision support, and threat management tools to aid our clients in protecting their electronic infrastructure. It issues alerts that cover the entire threat landscape: security vulnerabilities, malicious codes (worms, viruses, and Trojans), and global security trends. IntelliShield Alert Manager enables you to filter out all of the "noise" and only receive information on technologies that are relevant to your environment.
Q. How do I access Secu rity A lert Manage r? A. Security Alert Manager can be accessed at https://intellishield.cisco.com. Similar to Inventory Reporting, Collection, and Analysis, a username and password pair is required to access Security Alert Manager. Unlike Inventory Reporting, Collection, and Analysis, Security Alert Manager does not depend on the user’s Cisco.com ID and requires a user to create username and password pair to log in the IntelliShield portal.
Q. Is the connec ti on to the In tel liSh ie ld web po rta l secure? A. Yes. Connection to the Security Alert Manager web portal is over HTTPS to protect the privacy and confidentiality of the reporting data.
Q. What are you r sou rces fo r Security A lert Manage r? A. Security Alert Manager obtains alerts from public and private sources, including product vendors, government agencies, security firms, and more.
Q. How qu ickly does Secu rity A lert Manage r pub lis h ale rts compa red to o ther companies , like antivirus vendo rs?
A. Cisco puts alerts out in as timely a fashion as possible. Our goal is to provide a more complete picture than any single source.
Q. Why was Secu rity Ale rt Manage r not the fi rs t to come ou t wi th information on a th reat or vu lnerab il ity?
A. We cannot be first to publish every alert although we do strive to do so. We firmly believe that our content and our multiple sources, as well as our ongoing analysis, allow us to produce firstclass intelligence in a timely manner. Our multisource approach enables us to validate and verify information before we publish it as intelligence.
Da ta Us e Q. How does Cisco use custo mer ne two rk da ta? A. All customer network raw data collected by Cisco tools for service delivery will be used in the delivery of contracted services as well as for Cisco downstream services and business functions supporting Cisco customers and business.
Q. Who a t C isco has access to custo me r ne two rk d ata? A. Customer network data is available to Cisco internal personnel for use in approved business functions that include but are not limited to product development, product testing, integration testing, HW replacement, and contract renewal.
Q. How does Cisco con tro l access to cus tome r network data? A. All data use is controlled via individual user authentication with use limited to the stated business purpose. All use of customer network data for downstream services and businesses must be approved by Cisco STS and Legal.
© 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 7
Q&A
Da ta C oll ec tion Q. Where does the data collection take place? A. All data collection is done on the customer premises by Cisco Network Collector, which is installed on a server inside the customer network.
Q. How is secu rity contro lled during the col lection? A. Since the collection is done inside the customer network, data security from the customer network to Cisco Network Collector is controlled by the customer.
Q. Is the cus tome r respons ib le for the secu ri ty of the data col lected by Cisco Netwo rk Col lecto r?
A. Yes, until the data reaches Cisco Network Collector, the data security is now shifted to Cisco or the partner during the storage, transmission, and processing of the data.
Da ta Trans mis si on Q. Is the cus tome r data secure d when trans mi tting data from the custo me r netwo rk to Cisco back end?
A. Yes. Prior to transmission, customer raw data is packaged and encrypted using the AES-128 encryption algorithm. The encrypted data is also signed using PKI. This extra effort helps ensure a customer cannot view other customers’ data except his/her own. The encrypted and signed package is then transported via the secured HTTPS to the Cisco back end for service processing. By using HTTPS, the customer data is again encrypted before it reaches the upload server in the Cisco back-end system.
Q. What is AES -128 enc ryp tion? A. The Advanced Encryption Standard (AES) is adopted as an encryption standard by the U.S. government. This encryption algorithm is fast in both software and hardware, relatively easy to implement, and requires little memory. AES has been deployed on a large scale and offers strong encryption of the data to be transmitted.
Q. What is PK I? A. PKI stands for Public Key Infrastructure. It is a system for managing public-key encryption and digital certificates or signature services. By managing keys and certificates through a PKI, an organization establishes and maintains a trustworthy networking environment. A PKI enables the use of encryption and digital signature services across a wide variety of applications.
Q. Why is P KI importan t? A. To protect the security and privacy of customer network data, a digital certificate with digital signature containing: ●
The user's name in the format of a distinguished name. The distinguished name specifies the user's name and any additional attributes required to uniquely identify the user (for example, the distinguished name could contain the user's employee number).
●
A public key of the user. The public key is required so that others can encrypt for the user or verify the user's digital signature.
●
The validity period (or lifetime) of the certificate (a start date and an end date).
●
The specific operations for which the public key is to be used (whether for encrypting data, verifying digital signatures, or both).
●
By using PKI, Cisco provides customer the confidence that the key obtained from the certificate is valid and can be used only in the manner for which it is intended.
© 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 7
Q&A
Q. Why does Cisco use HTTPS to trans mi t cus tome r netw ork data? A. HTTPS encrypts and decrypts the information between the client and server using SSL. By using SSL, the customer network data is again encrypted, thus adding more security to the data during the transmission.
Da ta St ora ge Q. Afte r collection , whe re is the cus tome r ne two rk data s to red? A. Cisco Network Collector performs data collection on the customer premises only. Cisco Network Collector may reside on Cisco and partner laptops and notebooks or on dedicated collector servers at the customer premises. In order to protect against inappropriate access or use of the collector technology, Cisco Network Collector and the server it runs on are protected via security mechanisms including but not limited to the following: ●
Passwords are kept in encoded state in the db to minimize vulnerability.
●
Cisco Network Collector services are performed via unprivileged user accounts (no read/write access to the db).
●
Cisco Network Collector technology is access-restricted via CLI and/or web interfaces.
Q. Afte r the custome r ne two rk da ta is trans mi tted to Cisco back-en d sys tem , where is i t s to red?
A. When the customer network data reaches the Cisco back end, it is stored in an upload server. The data will be automatically purged three weeks after it is uploaded.
Q. When does Inven to ry Co llection, Repo rting , and Analysis retrieve the da ta fro m the upload serve r?
A. Inventory Reporting, Collection, and Analysis polls the upload server every minute to identify and pull over the newly collected data.
Q. How secu re is the upload serve r? A. There is strict access control to the upload server. The only persons who can log in to the upload servers are within Cisco (limited to a few user IDs who provide support from STS/IT). Servers are also monitored by Infosec/IT for inappropriate activity (since they're within Cisco DMZ) and do have firewall protection to help ensure no new ports are opened up on the server.
Q. Is the cus tome r network data on the Inven to ry R eporting , Co llec tion, and Analysis se rver encryp ted?
A. Data stored on Inventory Reporting, Collection, and Analysis server is not encrypted. However, Cisco complies with stringent requirements and internal policies for data protection of all internal Cisco servers. Inventory Reporting, Collection, and Analysis will validate the signature on the encrypted data before starting the decryption. If Inventory Reporting, Collection, and Analysis detects any discrepancy with the signature, it will not decrypt the data and notify the user about the problem. The user then has an option to reupload the data or investigate the root cause of the problem.
© 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 4 of 7
Q&A
Da ta Ac c es s Q. What is C isco’s policy to pro tect the secu ri ty an d privacy o f custo mer netwo rk da ta?
A. Cisco is committed to protecting the privacy and confidentiality of the customer data we store. To help ensure this the following steps are taken: ●
The Inventory Reporting, Collection, and Analysis application that processes customer data is located behind the Cisco firewalls and on a secure switched segment of the network.
●
The data that resides on these production machines is managed and controlled by Cisco IT.
●
The installation process for all Cisco IT machines follows a rigorous standard of security. This includes the installation of titan scripts to harden these machines.
●
The machines are kept in a lock-and-key facility where access is restricted to Cisco IT administrators only.
●
These machines are distributed in numerous geographical locations.
●
The data is backed up daily.
●
The uploaded customer network information is uncompressed and decrypted only on Cisco production machines inside the Cisco firewalls. Additional steps are taken to help ensure the signature on the encrypted data matches with the signature maintained in Inventory Reporting, Collection, and Analysis for the entitled company. If Inventory Reporting, Collection, and Analysis detects any change or mismatch of the signature, it will not decrypt the data.
Moreover, Cisco intrusion detection systems are deployed throughout the corporate network and the restricted network on which the back-end data is stored.
Q. Who has access to the ra w cus tome r ne two rk data? A. The Inventory Reporting, Collection, and Analysis server automates many tasks to process customer network data. If needed, only authorized staff is allowed to access the data. Moreover, all Cisco employees are required to protect and preserve the privacy of customer network data.
Re port s Q. How do custo me rs access the ir da ta repo rts? A. After Inventory Collection, Reporting, and Analysis processes the customer network data, users can access the Inventory Reporting, Collection, and Analysis web portal to generate reports. The web portal provides a secure interface that lets users select a variety of reports in several different format types. Reports can also be exported to CSV or PDF format.
Q. Who has access to cus tome r network da ta? A. To access the Inventory Reporting, Collection, and Analysis portal, a user must have been registered for the data of the entitled company whose data reports the user wishes to access.
Q. Can a reg iste red use r access repo rts of ano ther user’s network da ta? A. No, each user has a profile created in Inventory Reporting, Collection, and Analysis, and the profile dictates the entitled company for which the user can gain access. Furthermore, in order to register with Inventory Reporting, Collection, and Analysis, the user must have a valid Cisco.com ID, which is mapped to the entitled company of the user.
© 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 5 of 7
Q&A
Q. Is the connec ti on to the Inven tory Repo rting , Co l lection, and Analys is web porta l secu re?
A. Connection to the Inventory Reporting, Collection, and Analysis web portal is over HTTPS to protect the privacy and confidentiality of the reporting data.
Q. Are the repo rts kep t o n the Invento ry Repo rting, Collec ti on, and Ana lys is server?
A. No, the Inventory Reporting, Collection, and Analysis reports are generated dynamically and are not kept on the Inventory Reporting, Collection, and Analysis servers.
Da ta M a na ge me nt Q. How o ften does Cisco back up the cus tome r network data? A. Cisco supports regular daily backups for raw customer data stored on the Inventory Reporting, Collection, and Analysis server residing inside the Cisco firewall. First, the data is backed up to a second disk. Periodically, the data on the second disk is stored on backup media and shipped to a third-party security vendor for storage in compliance with government regulatory standards.
Q. Does Inven to ry Repo rting , Col lection , and Ana ly sis back up the raw da ta stored on the Cisco Ne two rk Collecto r serve r?
A. No. Raw customer data stored on local collection Cisco laptops/notebooks residing in the customer facility is not backed up.
Q. How long does the up load se rve r keep the up loa ded custo mer ne two rk data?
A. The data residing in the upload server will be purged after three weeks, starting from the time it was uploaded to the Cisco back-end system. A nightly job is run by Cisco IT to detect and purge data that resides in the upload servers for three weeks or longer.
Q. How long does the Invento ry Repo rting, Co llec ti on, and Ana lysis serve r reta in the processed cus tome r ne two rk data?
A. At the present time there is no policy in place to purge this data with any regularity. However, this data can be purged manually if the customer requests Cisco to delete the data. Customer data is stored on the Inventory Reporting, Collection, and Analysis server inside the Cisco firewall.
Q. Is the cus tome r network data cove red unde r the Cisco d isaste r recove ry policy?
A. Yes. Cisco supports an enterprisewide disaster recovery plan for all data stored and managed inside the Cisco firewall. Inventory Reporting, Collection, and Analysis subscribes to Cisco disaster recovery and business continuity info/guidelines.
© 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 6 of 7
Q&A
Printed in USA
© 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
C67-508149-00
11/08
Page 7 of 7
